Vulnerability Description
An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mit | Kerberos | <= 5-1.16 |
Related Weaknesses (CWE)
References
- https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/IntegeThird Party Advisory
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430
- https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/IntegeThird Party Advisory
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430
FAQ
What is CVE-2018-5709?
CVE-2018-5709 is a vulnerability with a CVSS score of 7.5 (HIGH). An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assign...
How severe is CVE-2018-5709?
CVE-2018-5709 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-5709?
Check the references section above for vendor advisories and patch information. Affected products include: Mit Kerberos.