krb5

Description: The Kerberos network authentication system
Version: 1.16-1 [core]

Open

Group   | Affected | Fixed | Severity | Status     | Ticket
AVG-586 | 1.16-1   | -     | Medium   | Vulnerable | -

Issue         | Group   | Severity | Remote | Type
CVE-2018-5730 | AVG-586 | Medium   | Yes    | Insufficient validation
    A flaw was found in MIT krb5 1.6 or later: an authenticated kadmin user with permission to add principals to an LDAP Kerberos database can circumvent a DN...
CVE-2018-5729 | AVG-586 | Medium   | Yes    | Insufficient validation
    A flaw was found in MIT krb5 1.6 or later: an authenticated kadmin user with permission to add principals to an LDAP Kerberos database can cause a null...
CVE-2018-5709 | AVG-586 | Low      | Yes    | Information disclosure
    An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit...

Resolved

Group   | Affected | Fixed    | Severity | Status       | Ticket
AVG-505 | 1.15.2-1 | -        | Critical | Not affected | -
AVG-414 | 1.15.1-1 | 1.15.2-1 | High     | Fixed        | -

Issue          | Group   | Severity | Remote | Type
CVE-2017-15088 | AVG-505 | Critical | Yes    | Arbitrary code execution
    plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote...
CVE-2017-11462 | AVG-414 | High     | Yes    | Arbitrary code execution
    A double free vulnerability has been discovered in MIT Kerberos 5 (aka krb5) allowing attackers to crash the application or possibly execute arbitrary code...
CVE-2017-11368 | AVG-414 | Medium   | Yes    | Denial of service
    A denial of service flaw was found in MIT Kerberos krb5kdc service. An authenticated attacker could use this flaw to cause krb5kdc to exit with an assertion...
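To turn the Open and Resolved group tables into a check you can run against a host, the following script is an added example (not code from the Arch security tracker or the krb5 project). It embeds the group rows transcribed from this page and reports which CVE groups are still open for a given installed package version: a group marked "Not affected" is skipped, a group with no fixed version is reported for every version, and a group with a fixed version is reported only when the installed build is older than that fix. The version comparison is a simplified stand-in for pacman's vercmp that handles only dotted numeric pkgver plus numeric pkgrel, which covers every version on this page; epochs and alphanumeric suffixes are not handled, and the script name used below is assumed.

```python
"""Report which CVE groups on this page are still open for an installed krb5 version.

Added example, not code from the Arch security tracker or from the krb5
project. GROUPS is transcribed from the Open and Resolved tables above; the
version comparison is a simplified stand-in for pacman's vercmp (dotted
numeric pkgver plus numeric pkgrel only, no epoch, no alphanumeric suffixes).
"""
import sys
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Group:
    name: str
    affected: str
    fixed: Optional[str]      # None when the tracker lists no fixed version
    severity: str
    status: str
    cves: Tuple[str, ...]


# Transcribed from the group tables on this page.
GROUPS: Tuple[Group, ...] = (
    Group("AVG-586", "1.16-1", None, "Medium", "Vulnerable",
          ("CVE-2018-5730", "CVE-2018-5729", "CVE-2018-5709")),
    Group("AVG-505", "1.15.2-1", None, "Critical", "Not affected",
          ("CVE-2017-15088",)),
    Group("AVG-414", "1.15.1-1", "1.15.2-1", "High", "Fixed",
          ("CVE-2017-11462", "CVE-2017-11368")),
)


def _parse(version: str) -> Tuple[Tuple[int, ...], int]:
    """Split 'a.b.c-r' into (pkgver segments, pkgrel); pkgrel defaults to 0."""
    pkgver, _, pkgrel = version.partition("-")
    segments = tuple(int(s) for s in pkgver.split("."))
    return segments, int(pkgrel) if pkgrel else 0


def vercmp(a: str, b: str) -> int:
    """Return -1, 0 or 1 as a is older than, equal to, or newer than b.

    Tuple ordering gives segment-by-segment numeric comparison and the
    'shorter prefix sorts first' rule (1.15 < 1.15.2); pkgrel breaks ties.
    """
    ka, kb = _parse(a), _parse(b)
    return (ka > kb) - (ka < kb)


def open_cves(installed: str, groups: Tuple[Group, ...] = GROUPS) -> Dict[str, List[str]]:
    """Map group name -> CVEs that still apply to `installed`."""
    result: Dict[str, List[str]] = {}
    for g in groups:
        if g.status == "Not affected":
            continue                       # tracker: package not exposed at any version
        if g.fixed is None or vercmp(installed, g.fixed) < 0:
            # Either no fix has shipped yet, or the installed build predates the fix.
            result[g.name] = list(g.cves)
    return result


def main(argv: List[str]) -> int:
    installed = argv[1] if len(argv) > 1 else "1.16-1"   # default: version on this page
    pending = open_cves(installed)
    if not pending:
        print(f"krb5 {installed}: no open groups on this page")
        return 0
    for name, cves in pending.items():
        print(f"krb5 {installed}: {name} open -> {', '.join(cves)}")
    return 1                                # non-zero so a cron job or CI step notices


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it as `python3 check_krb5.py 1.16-1` (file name assumed); on an Arch host the installed version comes from `pacman -Q krb5`. The exit status is 1 whenever any group is still open, so it can gate a deployment step. For packages whose versions carry an epoch or a suffix such as rc1, replace the built-in comparison with a call to pacman's own vercmp binary rather than extending this simplified one.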

Advisories

Date        | Advisory     | Group   | Severity | Description
05 Oct 2017 | ASA-201710-8 | AVG-414 | High     | multiple issues