CVE-2018-5709

Published: 16/01/2018 Updated: 07/11/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 447
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Summary

An issue exists in MIT Kerberos 5 (aka krb5) up to and including 1.16. The variable "dbentry->n_key_data" in kadmin/dbutil/dump.c can store 16-bit data, but the developer unknowingly assigned a "u4" variable to it, which holds 32-bit data. Because a Kerberos database dump file contains trusted data, an attacker can use this vulnerability to affect other artifacts of the database.
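The width mismatch described above, shown as an added example (not code from krb5 or from this advisory): a count parsed into a 32-bit temporary is stored in a 16-bit field, first without and then with a range check. The struct, the function names, the unsigned 16-bit field type and the sample value are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-in for a database entry. Only the 16-bit counter
 * matters here; this is not the krb5 structure definition. */
struct entry {
    uint16_t n_key_data;
};

/* Unchecked pattern: the count is read as a 32-bit value ("u4") and
 * assigned to the 16-bit field, so the upper 16 bits are dropped. */
int load_unchecked(const char *field, struct entry *e)
{
    uint32_t u4 = (uint32_t)strtoul(field, NULL, 10);
    e->n_key_data = (uint16_t)u4;   /* keeps only the low 16 bits */
    return 0;
}

/* Checked pattern: refuse any field that is not a plain decimal number
 * or that does not fit in 16 bits, instead of truncating it. */
int load_checked(const char *field, struct entry *e)
{
    char *end;
    unsigned long v;

    if (field[0] < '0' || field[0] > '9')   /* no sign, space or empty */
        return -1;
    errno = 0;
    v = strtoul(field, &end, 10);
    if (errno != 0 || *end != '\0' || v > UINT16_MAX)
        return -1;
    e->n_key_data = (uint16_t)v;
    return 0;
}

int main(void)
{
    const char *field = "65541";    /* constructed sample: 65536 + 5 */
    struct entry e = { 0 };

    load_unchecked(field, &e);
    printf("unchecked: field %s stored as %u\n", field, (unsigned)e.n_key_data);
    printf("checked:   field %s %s\n", field,
           load_checked(field, &e) == 0 ? "accepted" : "rejected");
    return 0;
}
```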

Vulnerable Product

mit kerberos

Vendor Advisories

Debian Bug report logs - #889684 krb5: CVE-2018-5709
Package: src:krb5; Maintainer for src:krb5 is Sam Hartman <hartmans@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon, 5 Feb 2018 20:51:01 UTC
Severity: important
Tags: security, upstream
Found in version krb5/1.16-2
Done: Benjamin Kad ...

An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know tha ...