What is the severity of CVE-2007-0956?

CVE-2007-0956 is a critical vulnerability that allows remote attackers to bypass authentication in the telnet daemon.

How do I fix CVE-2007-0956?

To fix CVE-2007-0956, update to MIT Kerberos 5 version 1.6.1 or later.

What systems are affected by CVE-2007-0956?

CVE-2007-0956 affects multiple versions of MIT Kerberos 5 as well as Debian and Ubuntu Linux distributions.

Can CVE-2007-0956 be exploited remotely?

Yes, CVE-2007-0956 can be exploited remotely by attackers who send specially crafted usernames.

Is CVE-2007-0956 related to any other vulnerabilities?

Yes, CVE-2007-0956 is similar in nature to CVE-2007-0882, both involving authentication bypass issues.

Vulnerability/
CVE-2007-0956

critical

CWE

306

6/4/2007

7/8/2024

CVE-2007-0956

First published: Fri Apr 06 2007(Updated: )

The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote attackers to bypass authentication and gain system access via a username beginning with a '-' character, a similar issue to CVE-2007-0882.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
MIT Kerberos 5	<1.6.1
Debian GNU/Linux	=3.1
Debian GNU/Linux	=4.0
Ubuntu Linux	=6.10
Ubuntu Linux	=5.10
Ubuntu Linux	=6.06

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2007-0956?
CVE-2007-0956 is a critical vulnerability that allows remote attackers to bypass authentication in the telnet daemon.
How do I fix CVE-2007-0956?
To fix CVE-2007-0956, update to MIT Kerberos 5 version 1.6.1 or later.
What systems are affected by CVE-2007-0956?
CVE-2007-0956 affects multiple versions of MIT Kerberos 5 as well as Debian and Ubuntu Linux distributions.
Can CVE-2007-0956 be exploited remotely?
Yes, CVE-2007-0956 can be exploited remotely by attackers who send specially crafted usernames.
Is CVE-2007-0956 related to any other vulnerabilities?
Yes, CVE-2007-0956 is similar in nature to CVE-2007-0882, both involving authentication bypass issues.

agent/type
collector/mitre-cve
source/MITRE
agent/references
agent/weakness
agent/author
agent/severity
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
agent/softwarecombine
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/mit
canonical/mit kerberos 5
vendor/debian
canonical/debian gnu/linux
version/debian gnu/linux/3.1
version/debian gnu/linux/4.0
vendor/canonical
canonical/ubuntu linux
version/ubuntu linux/6.10
version/ubuntu linux/5.10
version/ubuntu linux/6.06

Frequently Asked Questions

What is the severity of CVE-2007-0956?
CVE-2007-0956 is a critical vulnerability that allows remote attackers to bypass authentication in the telnet daemon.
How do I fix CVE-2007-0956?
To fix CVE-2007-0956, update to MIT Kerberos 5 version 1.6.1 or later.
What systems are affected by CVE-2007-0956?
CVE-2007-0956 affects multiple versions of MIT Kerberos 5 as well as Debian and Ubuntu Linux distributions.
Can CVE-2007-0956 be exploited remotely?
Yes, CVE-2007-0956 can be exploited remotely by attackers who send specially crafted usernames.
Is CVE-2007-0956 related to any other vulnerabilities?
Yes, CVE-2007-0956 is similar in nature to CVE-2007-0882, both involving authentication bypass issues.

CVE-2007-0956

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2007-0956?

How do I fix CVE-2007-0956?

What systems are affected by CVE-2007-0956?

Can CVE-2007-0956 be exploited remotely?

Is CVE-2007-0956 related to any other vulnerabilities?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2007-0956?

How do I fix CVE-2007-0956?

What systems are affected by CVE-2007-0956?

Can CVE-2007-0956 be exploited remotely?

Is CVE-2007-0956 related to any other vulnerabilities?