Home

CVE-2018-5729

Description

MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module.

Risk Information

Base Score
4.7
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
EPSS Score
Exploitation Probability
0.076

Associated Vulnerability

VulnerabilityOS Platform
SUSE-SU-2018:0846-1(SUSE Linux Enterprise Desktop 12-SP2 ) krb5-1.12.5-40.23.2.x86_64.rpmLinux
SUSE-SU-2018:0846-1(SUSE Linux Enterprise Desktop 12-SP2 ) krb5-32bit-1.12.5-40.23.2.x86_64.rpmLinux
SUSE-SU-2018:0846-1(SUSE Linux Enterprise Desktop 12-SP2 ) krb5-client-1.12.5-40.23.2.x86_64.rpmLinux
SUSE-SU-2018:0846-1(SUSE Linux Enterprise Desktop 12-SP2 ) krb5-client-debuginfo-1.12.5-40.23.2.x86_64.rpmLinux
SUSE-SU-2018:0846-1(SUSE Linux Enterprise Desktop 12-SP2 ) krb5-debuginfo-1.12.5-40.23.2.x86_64.rpmLinux
SUSE-SU-2018:0846-1(SUSE Linux Enterprise Desktop 12-SP2 ) krb5-debuginfo-32bit-1.12.5-40.23.2.x86_64.rpmLinux
SUSE-SU-2018:0846-1(SUSE Linux Enterprise Desktop 12-SP2 ) krb5-debugsource-1.12.5-40.23.2.x86_64.rpmLinux
SUSE-SU-2018:0846-1(SUSE Linux Enterprise Server 12-SP2 ) krb5-doc-1.12.5-40.23.2.x86_64.rpmLinux
SUSE-SU-2018:0846-1(SUSE Linux Enterprise Server 12-SP2 ) krb5-plugin-kdb-ldap-1.12.5-40.23.2.x86_64.rpmLinux
SUSE-SU-2018:0846-1(SUSE Linux Enterprise Server 12-SP2 ) krb5-plugin-kdb-ldap-debuginfo-1.12.5-40.23.2.x86_64.rpmLinux
SUSE-SU-2018:0846-1(SUSE Linux Enterprise Server 12-SP2 ) krb5-plugin-preauth-otp-1.12.5-40.23.2.x86_64.rpmLinux
SUSE-SU-2018:0846-1(SUSE Linux Enterprise Server 12-SP2 ) krb5-plugin-preauth-otp-debuginfo-1.12.5-40.23.2.x86_64.rpmLinux
SUSE-SU-2018:0846-1(SUSE Linux Enterprise Server 12-SP2 ) krb5-plugin-preauth-pkinit-1.12.5-40.23.2.x86_64.rpmLinux
SUSE-SU-2018:0846-1(SUSE Linux Enterprise Server 12-SP2 ) krb5-plugin-preauth-pkinit-debuginfo-1.12.5-40.23.2.x86_64.rpmLinux
SUSE-SU-2018:0846-1(SUSE Linux Enterprise Server 12-SP2 ) krb5-server-1.12.5-40.23.2.x86_64.rpmLinux
SUSE-SU-2018:0846-1(SUSE Linux Enterprise Server 12-SP2 ) krb5-server-debuginfo-1.12.5-40.23.2.x86_64.rpmLinux
SUSE-SU-2018:0859-1(SUSE Linux Enterprise Server 11-SP4 ) krb5-1.6.3-133.49.113.7.1.x86_64.rpmLinux
SUSE-SU-2018:0859-1(SUSE Linux Enterprise Server 11-SP4 ) krb5-32bit-1.6.3-133.49.113.7.1.x86_64.rpmLinux
SUSE-SU-2018:0859-1(SUSE Linux Enterprise Server 11-SP4 ) krb5-apps-clients-1.6.3-133.49.113.7.1.x86_64.rpmLinux
SUSE-SU-2018:0859-1(SUSE Linux Enterprise Server 11-SP4 ) krb5-apps-servers-1.6.3-133.49.113.7.1.x86_64.rpmLinux
SUSE-SU-2018:0859-1(SUSE Linux Enterprise Server 11-SP4 ) krb5-client-1.6.3-133.49.113.7.1.x86_64.rpmLinux
SUSE-SU-2018:0859-1(SUSE Linux Enterprise Server 11-SP4 ) krb5-server-1.6.3-133.49.113.7.1.x86_64.rpmLinux
(RHSA-2018:3071) krb5 security, bug fix, and enhancement update krb5-devel-1.15.1-34.el7.i686.rpmLinux
(RHSA-2018:3071) krb5 security, bug fix, and enhancement update krb5-devel-1.15.1-34.el7.x86_64.rpmLinux
(RHSA-2018:3071) krb5 security, bug fix, and enhancement update krb5-libs-1.15.1-34.el7.i686.rpmLinux
(RHSA-2018:3071) krb5 security, bug fix, and enhancement update krb5-libs-1.15.1-34.el7.x86_64.rpmLinux
(RHSA-2018:3071) krb5 security, bug fix, and enhancement update krb5-pkinit-1.15.1-34.el7.x86_64.rpmLinux
(RHSA-2018:3071) krb5 security, bug fix, and enhancement update krb5-server-1.15.1-34.el7.x86_64.rpmLinux
(RHSA-2018:3071) krb5 security, bug fix, and enhancement update krb5-server-ldap-1.15.1-34.el7.x86_64.rpmLinux
(RHSA-2018:3071) krb5 security, bug fix, and enhancement update krb5-workstation-1.15.1-34.el7.x86_64.rpmLinux
(RHSA-2018:3071) krb5 security, bug fix, and enhancement update libkadm5-1.15.1-34.el7.i686.rpmLinux
(RHSA-2018:3071) krb5 security, bug fix, and enhancement update libkadm5-1.15.1-34.el7.x86_64.rpmLinux
Krb5-devel update (ELSA-2018-3071) krb5-devel-1.15.1-34.el7.x86_64.rpmLinux
Krb5-libs update (ELSA-2018-3071) krb5-libs-1.15.1-34.el7.x86_64.rpmLinux
Krb5-pkinit update (ELSA-2018-3071) krb5-pkinit-1.15.1-34.el7.x86_64.rpmLinux
Krb5-server update (ELSA-2018-3071) krb5-server-1.15.1-34.el7.x86_64.rpmLinux
Krb5-server-ldap update (ELSA-2018-3071) krb5-server-ldap-1.15.1-34.el7.x86_64.rpmLinux
Krb5-workstation update (ELSA-2018-3071) krb5-workstation-1.15.1-34.el7.x86_64.rpmLinux
Libkadm5 update (ELSA-2018-3071) libkadm5-1.15.1-34.el7.x86_64.rpmLinux
Krb5-devel update (ELSA-2018-3071) krb5-devel-1.15.1-34.el7.i686.rpmLinux
Krb5-libs update (ELSA-2018-3071) krb5-libs-1.15.1-34.el7.i686.rpmLinux
Libkadm5 update (ELSA-2018-3071) libkadm5-1.15.1-34.el7.i686.rpmLinux
NULL Pointer Dereference Vulnerability (CVE-2018-5729)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234