Kerberos 5 Security Vulnerabilities and Issues — Kerberos 5 CVE List

Lucene search

MitKerberos 5

3 matches found

CVE•added 2018/03/06 8:29 p.m.•214 views

CVE-2018-5730

MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string...

5.5CVSS4.6AI score0.01109EPSS

CVE•added 2018/03/06 8:29 p.m.•209 views

CVE-2018-5729

MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module.

6.5CVSS4.8AI score0.00437EPSS

CVE•added 2018/07/26 3:29 p.m.•111 views

CVE-2017-7562

An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances.

6.5CVSS6.7AI score0.00256EPSS