ALT-PU-2018-2231-1
Closed vulnerabilities
Published: 2018-01-03
BDU:2019-01636
Уязвимость сетевого протокола аутентификации Kerberos, связанная с разыменованием указателя NULL, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.7)
Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Severity: MEDIUM (6.5)
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
References:
Published: 2018-07-26
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-7562
An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances.
Severity: MEDIUM (4.0)
Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N
Severity: MEDIUM (6.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
References:
- http://www.securityfocus.com/bid/100511
- https://access.redhat.com/errata/RHSA-2018:0666
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7562
- https://github.com/krb5/krb5/pull/694
- https://github.com/krb5/krb5/pull/694/commits/1de6ca2f2eb1fdbab51f1549a25a6903aefcc196
- https://github.com/krb5/krb5/pull/694/commits/50fe4074f188c2d4da0c421e96553acea8378db2
- https://github.com/krb5/krb5/pull/694/commits/b7af544e50a4d8291524f590e20dd44430bf627d
- http://www.securityfocus.com/bid/100511
- https://access.redhat.com/errata/RHSA-2018:0666
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7562
- https://github.com/krb5/krb5/pull/694
- https://github.com/krb5/krb5/pull/694/commits/1de6ca2f2eb1fdbab51f1549a25a6903aefcc196
- https://github.com/krb5/krb5/pull/694/commits/50fe4074f188c2d4da0c421e96553acea8378db2
- https://github.com/krb5/krb5/pull/694/commits/b7af544e50a4d8291524f590e20dd44430bf627d
Published: 2018-03-06
Modified: 2025-05-05
Modified: 2025-05-05
CVE-2018-5729
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module.
Severity: MEDIUM (6.5)
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Severity: MEDIUM (4.7)
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
References:
- http://www.securitytracker.com/id/1042071
- https://access.redhat.com/errata/RHBA-2019:0327
- https://access.redhat.com/errata/RHSA-2018:3071
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891869
- https://bugzilla.redhat.com/show_bug.cgi?id=1551083
- https://github.com/krb5/krb5/commit/e1caf6fb74981da62039846931ebdffed71309d1
- https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html
- https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GK5T6JPMBHBPKS7HNGHYUUF4KKRMNSNU/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OIFUL3CPM4S5TOXTTOCQ3CUZN6XCXUTR/
- http://www.securitytracker.com/id/1042071
- https://access.redhat.com/errata/RHBA-2019:0327
- https://access.redhat.com/errata/RHSA-2018:3071
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891869
- https://bugzilla.redhat.com/show_bug.cgi?id=1551083
- https://github.com/krb5/krb5/commit/e1caf6fb74981da62039846931ebdffed71309d1
- https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html
- https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GK5T6JPMBHBPKS7HNGHYUUF4KKRMNSNU/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OIFUL3CPM4S5TOXTTOCQ3CUZN6XCXUTR/
Published: 2018-03-06
Modified: 2025-05-05
Modified: 2025-05-05
CVE-2018-5730
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN.
Severity: MEDIUM (5.5)
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N
Severity: LOW (3.8)
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
References:
- http://www.securitytracker.com/id/1042071
- https://access.redhat.com/errata/RHBA-2019:0327
- https://access.redhat.com/errata/RHSA-2018:3071
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891869
- https://bugzilla.redhat.com/show_bug.cgi?id=1551082
- https://github.com/krb5/krb5/commit/e1caf6fb74981da62039846931ebdffed71309d1
- https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html
- https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GK5T6JPMBHBPKS7HNGHYUUF4KKRMNSNU/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OIFUL3CPM4S5TOXTTOCQ3CUZN6XCXUTR/
- http://www.securitytracker.com/id/1042071
- https://access.redhat.com/errata/RHBA-2019:0327
- https://access.redhat.com/errata/RHSA-2018:3071
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891869
- https://bugzilla.redhat.com/show_bug.cgi?id=1551082
- https://github.com/krb5/krb5/commit/e1caf6fb74981da62039846931ebdffed71309d1
- https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html
- https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GK5T6JPMBHBPKS7HNGHYUUF4KKRMNSNU/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OIFUL3CPM4S5TOXTTOCQ3CUZN6XCXUTR/