CVE-2018-5709Integer Overflow or Wraparound in Kerberos

CWE-190Integer Overflow or Wraparound8 documents7 sources
Severity
7.5HIGHNVD
EPSS
1.5%
top 18.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
MIT Kerberos
Timeline
PublishedJan 16
Latest updateMay 13

Description

An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

NVDmit/kerberos5-1.16

🔴Vulnerability Details

3
GHSA
GHSA-9g2q-jwhw-j832: An issue was discovered in MIT Kerberos 5 (aka krb5) through 12022-05-13
CVEList
CVE-2018-5709: An issue was discovered in MIT Kerberos 5 (aka krb5) through 12018-01-16
OSV
CVE-2018-5709: An issue was discovered in MIT Kerberos 5 (aka krb5) through 12018-01-16

📋Vendor Advisories

2
Red Hat
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c2018-01-15
Debian
CVE-2018-5709: krb5 - An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a va...2018

💬Community

2
Bugzilla
CVE-2018-5709 krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c2018-01-17
Bugzilla
CVE-2018-5709 krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c [fedora-all]2018-01-17
CVE-2018-5709 — Integer Overflow or Wraparound | cvebase