A stack overflow vulnerability in the RPCSEC_GSS security flavor (see rpcsec_gss(3NSL)), which is used to access the Generic Security Services Application Programming Interface (GSS-API), affects the Kerberos administration daemon (kadmind(1M)). This vulnerability may allow an unauthorized remote user to execute arbitrary commands on Kerberos Key Distribution Center (KDC) systems with the privileges of the kadmind(1M) daemon (usually root). It may also allow the remote user to compromise the Kerberos key database or to crash the kadmind(1M) daemon, which is a type of Denial of Service (DoS).
Note: Third-party applications which utilize RPCSEC_GSS may also be affected.
This issue is also referenced in the following documents:
Note: Solaris is not affected by CVE-2007-4000 mentioned in MITKRB5-SA-2007-006.