TELNET: MIT Kerberos 5 Telnet Daemon Authentication Bypass
This signature detects attempts to exploit a known vulnerability against MIT Kerberos 5 Telnet Daemon. A successful attack can lead to arbitrary code execution as any user, possibly including root.
Extended Description
MIT Kerberos 5 is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to gain superuser or SYSTEM-level privileges on the affected computer. Successfully exploiting this issue will result in the complete compromise of affected computers. This issue occurs in Kerberos 5 versions 1.6 and prior.
Affected Products
Turbolinux appliance_server
References
BugTraq: 23281
CVE: CVE-2007-0956
URL: http://www.kb.cert.org/vuls/id/220816 http://www.frsirt.com/english/advisories/2007/1218
Short Name
TELNET:EXPLOIT:MIT-KERB-DASH-E
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
TELNET
Keywords
5 Authentication Bypass CVE-2007-0956 Daemon Kerberos MIT Telnet bid:23281
Release Date
04/27/2007
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Suse
Gentoo
Trustix
Sun
Rpath
Turbolinux
Mit
Sgi
Pardus
Ubuntu
Mandriva
Debian
CVSS Score
10.0