CVE-2018-5730

CWE-909 documents7 sources

Severity

3.8LOW

EPSS

0.4%

top 37.80%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

MIT Kerberos 5 Debian Debian Linux Fedoraproject Fedora +3 more

Timeline

PublishedMar 6

Latest updateMay 13

Description

MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:NExploitability: 1.2 | Impact: 2.5

Affected Packages5 packages

▶NVDmit/kerberos_55-1.6 — 5-1.21.2

▶Debiankrb5< 1.16.1-1+3

▶NVDredhat/enterprise_linux_server7.0

▶NVDredhat/enterprise_linux_desktop7.0

▶NVDredhat/enterprise_linux_workstation7.0

Also affects: Debian Linux 8.0, 9.0, Fedora 26, 27

Patches

Patch: bugzilla.redhat.com ↗Patch: github.com ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-cmm2-4q45-jpgh: MIT krb5 1↗2022-05-13

▶

CVEList

CVE-2018-5730: MIT krb5 1↗2018-03-06

▶

OSV

CVE-2018-5730: MIT krb5 1↗2018-03-06

▶

📋Vendor Advisories

Red Hat

krb5: DN container check bypass by supplying special crafted data↗2018-03-01

▶

Debian

CVE-2018-5730: krb5 - MIT krb5 1.6 or later allows an authenticated kadmin with permission to add prin...↗2018

▶

💬Community

Bugzilla

CVE-2018-5730 krb5: DN container check bypass by supplying special crafted data↗2018-03-02

▶

Bugzilla

CVE-2018-5730 krb5: DN container check bypass by supplying special crafted data [fedora-all]↗2018-03-02

▶

Bugzilla

CVE-2018-5729, CVE-2018-5730 krb5: null pointer deference in strlen function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c [fedora-all]↗2018-01-17

▶