CVE-2018-20217 — Reachable Assertion in Kerberos

CWE-617 — Reachable Assertion10 documents8 sources

Severity

5.3MEDIUMNVD

EPSS

2.4%

top 15.00%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

MIT Krb5 MIT Kerberos Debian Linux

Timeline

PublishedDec 26

Latest updateJan 25

Description

A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.6 | Impact: 3.6

Affected Packages3 packages

▶NVDmit/kerberos< 5-1.17

▶Debianmit/krb5< 1.16.2-1+3

▶Ubuntumit/krb5< 1.16-2ubuntu0.3+4

Also affects: Debian Linux 8.0, 9.0

Patches

Patch: krbdev.mit.edu ↗Patch: github.com ↗Patch: krbdev.mit.edu ↗

🔴Vulnerability Details

OSV

krb5 vulnerabilities↗2023-01-25

▶

GHSA

GHSA-f4hc-rvh5-8phv: A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1↗2022-05-13

▶

OSV

CVE-2018-20217: A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1↗2018-12-26

▶

CVEList

CVE-2018-20217: A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1↗2018-12-26

▶

📋Vendor Advisories

Ubuntu

Kerberos vulnerabilities↗2023-01-25

▶

Red Hat

krb5: Reachable assertion in the KDC using S4U2Self requests↗2018-12-02

▶

Debian

CVE-2018-20217: krb5 - A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb...↗2018

▶

💬Community

Bugzilla

CVE-2018-20217 krb5: Reachable assertion in the KDC using S4U2Self requests [fedora-all]↗2019-01-10

▶

Bugzilla

CVE-2018-20217 krb5: Reachable assertion in the KDC using S4U2Self requests↗2019-01-10

▶