The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of krb5 MIT

computer vulnerability note CVE-2018-20217

MIT krb5: assertion error via Old Encryption S4U2Self Request

Synthesis of the vulnerability

An attacker can force an assertion error via Old Encryption S4U2Self Request of MIT krb5, in order to trigger a denial of service.
Impacted products: Debian, Fedora, MIT krb5, openSUSE Leap, Solaris, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: intranet client.
Creation date: 27/12/2018.
Identifiers: bulletinjan2019, CVE-2018-20217, DLA-1643-1, FEDORA-2018-7db7ccda4d, FEDORA-2019-ac7e19b0c8, openSUSE-SU-2019:0063-1, openSUSE-SU-2019:0085-1, SUSE-SU-2019:0111-1, SUSE-SU-2019:0113-1, VIGILANCE-VUL-28099.

Description of the vulnerability

An attacker can force an assertion error via Old Encryption S4U2Self Request of MIT krb5, in order to trigger a denial of service.

computer vulnerability alert CVE-2018-5729 CVE-2018-5730

krb5: NULL pointer dereference via ldap_principal2.c

Synthesis of the vulnerability

An attacker can force a NULL pointer to be dereferenced in ldap_principal2.c of krb5, in order to trigger a denial of service.
Impacted products: Debian, Fedora, MIT krb5, openSUSE Leap, RHEL, SLES.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service, denial of service on client.
Provenance: privileged account.
Number of vulnerabilities in this bulletin: 2.
Creation date: 21/02/2018.
Identifiers: CVE-2018-5729, CVE-2018-5730, DLA-1643-1, FEDORA-2018-391a1f3e61, FEDORA-2018-f97cb1c9b0, openSUSE-SU-2018:0854-1, openSUSE-SU-2019:0139-1, RHSA-2018:3071-01, SUSE-SU-2019:0175-1, VIGILANCE-VUL-25336.

Description of the vulnerability

An attacker can force a NULL pointer to be dereferenced in ldap_principal2.c of krb5, in order to trigger a denial of service.

computer vulnerability alert CVE-2018-5710

MIT krb5: NULL pointer dereference via plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c

Synthesis of the vulnerability

An attacker can force a NULL pointer to be dereferenced via plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c of MIT krb5, in order to trigger a denial of service.
Impacted products: MIT krb5.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: user account.
Creation date: 17/01/2018.
Identifiers: CVE-2018-5710, VIGILANCE-VUL-25096.

Description of the vulnerability

An attacker can force a NULL pointer to be dereferenced via plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c of MIT krb5, in order to trigger a denial of service.

computer vulnerability CVE-2018-5709

MIT krb5: read-write access via kadmin/dbutil/dump.c

Synthesis of the vulnerability

An attacker can bypass access restrictions via kadmin/dbutil/dump.c of MIT krb5, in order to read or alter data.
Impacted products: MIT krb5.
Severity: 2/4.
Consequences: data reading, data creation/edition, data deletion.
Provenance: user account.
Creation date: 17/01/2018.
Identifiers: CVE-2018-5709, VIGILANCE-VUL-25095.

Description of the vulnerability

An attacker can bypass access restrictions via kadmin/dbutil/dump.c of MIT krb5, in order to read or alter data.

computer vulnerability bulletin CVE-2017-15088

MIT krb5: buffer overflow via PKINIT get_matching_data

Synthesis of the vulnerability

An attacker can generate a buffer overflow via PKINIT get_matching_data() of MIT krb5, in order to trigger a denial of service, and possibly to run code.
Impacted products: Fedora, MIT krb5, openSUSE Leap, SUSE Linux Enterprise Desktop, SLES.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 08/11/2017.
Identifiers: 871698, CVE-2017-15088, FEDORA-2017-41957e0f90, openSUSE-SU-2017:2993-1, SUSE-SU-2017:2948-1, VIGILANCE-VUL-24388.

Description of the vulnerability

An attacker can generate a buffer overflow via PKINIT get_matching_data() of MIT krb5, in order to trigger a denial of service, and possibly to run code.

vulnerability alert CVE-2017-11462

MIT krb5: use after free via GSS-API

Synthesis of the vulnerability

An attacker can force the usage of a freed memory area via GSS-API of MIT krb5, in order to trigger a denial of service, and possibly to run code.
Impacted products: Fedora, MIT krb5, openSUSE Leap.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: intranet client.
Creation date: 11/09/2017.
Identifiers: 873563, CVE-2017-11462, FEDORA-2017-10c74147f9, FEDORA-2017-56e23bc2b5, openSUSE-SU-2017:2712-1, VIGILANCE-VUL-23791.

Description of the vulnerability

An attacker can force the usage of a freed memory area via GSS-API of MIT krb5, in order to trigger a denial of service, and possibly to run code.

computer vulnerability CVE-2017-7562

MIT krb5: privilege escalation via EKU Cert Missing SAN

Synthesis of the vulnerability

An attacker can bypass restrictions via EKU Cert Missing SAN of MIT krb5, in order to escalate privileges.
Impacted products: Fedora, MIT krb5, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: privileged access/rights, user access/rights.
Provenance: intranet client.
Creation date: 29/08/2017.
Identifiers: CVE-2017-7562, FEDORA-2017-bf74db7147, RHSA-2018:0666-01, SUSE-SU-2018:1425-1, VIGILANCE-VUL-23635.

Description of the vulnerability

An attacker can bypass restrictions via EKU Cert Missing SAN of MIT krb5, in order to escalate privileges.

computer vulnerability note CVE-2017-11368

MIT Kerberos: assertion error via krb5kdc S4U2Self/S4U2Proxy

Synthesis of the vulnerability

An attacker can force an assertion error via krb5kdc S4U2Self/S4U2Proxy of MIT Kerberos, in order to trigger a denial of service.
Impacted products: Debian, Fedora, MIT krb5, Solaris, RHEL.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: intranet client.
Creation date: 25/07/2017.
Identifiers: bulletinjul2018, CVE-2017-11368, DLA-1058-1, FEDORA-2017-71c47e1e82, FEDORA-2017-8e9d9771c4, FEDORA-2017-e5b36383f4, RHSA-2018:0666-01, VIGILANCE-VUL-23349.

Description of the vulnerability

An attacker can force an assertion error via krb5kdc S4U2Self/S4U2Proxy of MIT Kerberos, in order to trigger a denial of service.

computer vulnerability announce 20637

MIT krb5: security improvement via DES disabling

Synthesis of the vulnerability

The security of MIT krb5 was improved by disabling the DES encryption algorithm by default, as it is now considered weak.
Impacted products: MIT krb5.
Severity: 1/4.
Consequences: no consequence.
Provenance: internet client.
Creation date: 19/09/2016.
Identifiers: VIGILANCE-VUL-20637.

Description of the vulnerability

This bulletin is about a security improvement.

It does not describe a vulnerability.

The security of MIT krb5 was therefore improved by disabling the DES encryption algorithm by default, as it is now considered weak.

vulnerability announce 19992

MIT krb5: buffer overflow via libkrad

Synthesis of the vulnerability

An attacker can generate a buffer overflow via libkrad of MIT krb5, in order to trigger a denial of service, and possibly to run code.
Impacted products: Fedora, MIT krb5.
Severity: 2/4.
Consequences: user access/rights, denial of service on service.
Provenance: document.
Creation date: 28/06/2016.
Revision date: 26/07/2016.
Identifiers: FEDORA-2016-0b966047e1, FEDORA-2016-335ed87353, FEDORA-2016-d18f993ab6, VIGILANCE-VUL-19992.

Description of the vulnerability

The MIT krb5 product uses libkrad to interact with RADIUS.

However, if the size of the data is greater than the size of the storage array, an overflow occurs in the on_io_read() function of the src/lib/krad/remote.c file.

An attacker can therefore generate a buffer overflow via libkrad of MIT krb5, in order to trigger a denial of service, and possibly to run code.