Vulnerabilities > CVE-2017-11368 - Reachable Assertion vulnerability in multiple products

047910
CVSS 4.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
fedoraproject
mit
CWE-617
nessus

Summary

In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests.

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2017-71C47E1E82.NASL
    descriptionFix CVE-2017-11368 (remote triggerable assertion failure in krb5kdc) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2017-07-27
    plugin id101997
    published2017-07-27
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/101997
    titleFedora 24 : krb5 (2017-71c47e1e82)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2018-0666.NASL
    descriptionFrom Red Hat Security Advisory 2018:0666 : An update for krb5 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC). Security Fix(es) : * krb5: Authentication bypass by improper validation of certificate EKU and SAN (CVE-2017-7562) * krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure (CVE-2017-11368) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id109104
    published2018-04-18
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/109104
    titleOracle Linux 7 : krb5 (ELSA-2018-0666)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2017-8E9D9771C4.NASL
    descriptionFix CVE-2017-11368 (remote triggerable assertion failure in krb5kdc) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2017-07-27
    plugin id102002
    published2017-07-27
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/102002
    titleFedora 25 : krb5 (2017-8e9d9771c4)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20180410_KRB5_ON_SL7_X.NASL
    descriptionSecurity Fix(es) : - krb5: Authentication bypass by improper validation of certificate EKU and SAN (CVE-2017-7562) - krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure (CVE-2017-11368) Additional Changes :
    last seen2020-03-18
    modified2018-05-01
    plugin id109450
    published2018-05-01
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/109450
    titleScientific Linux Security Update : krb5 on SL7.x x86_64 (20180410)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1167.NASL
    descriptionAccording to the versions of the krb5 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An authentication bypass flaw was found in the way krb5
    last seen2020-03-19
    modified2019-04-09
    plugin id123853
    published2019-04-09
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123853
    titleEulerOS Virtualization 2.5.3 : krb5 (EulerOS-SA-2019-1167)
  • NASL familyAmazon Linux Local Security Checks
    NASL idAL2_ALAS-2018-1010.NASL
    descriptionAuthentication bypass by improper validation of certificate EKU and SAN An authentication bypass flaw was found in the way krb5
    last seen2020-06-01
    modified2020-06-02
    plugin id109689
    published2018-05-11
    reporterThis script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/109689
    titleAmazon Linux 2 : krb5 (ALAS-2018-1010)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_3F3837CC48FB4414AA465B1C23C9FEAE.NASL
    descriptionMIT reports : CVE-2017-11368 : In MIT krb5 1.7 and later, an authenticated attacker can cause an assertion failure in krb5kdc by sending an invalid S4U2Self or S4U2Proxy request. CVE-2017-11462 : RFC 2744 permits a GSS-API implementation to delete an existing security context on a second or subsequent call to gss_init_sec_context() or gss_accept_sec_context() if the call results in an error. This API behavior has been found to be dangerous, leading to the possibility of memory errors in some callers. For safety, GSS-API implementations should instead preserve existing security contexts on error until the caller deletes them. All versions of MIT krb5 prior to this change may delete acceptor contexts on error. Versions 1.13.4 through 1.13.7, 1.14.1 through 1.14.5, and 1.15 through 1.15.1 may also delete initiator contexts on error.
    last seen2020-06-01
    modified2020-06-02
    plugin id103953
    published2017-10-19
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/103953
    titleFreeBSD : krb5 -- Multiple vulnerabilities (3f3837cc-48fb-4414-aa46-5b1c23c9feae)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2018-1010.NASL
    descriptionA denial of service flaw was found in MIT Kerberos krb5kdc service. An authenticated attacker could use this flaw to cause krb5kdc to exit with an assertion failure by making an invalid S4U2Self or S4U2Proxy request.(CVE-2017-11368) An authentication bypass flaw was found in the way krb5
    last seen2020-06-01
    modified2020-06-02
    plugin id117342
    published2018-09-07
    reporterThis script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/117342
    titleAmazon Linux AMI : krb5 (ALAS-2018-1010)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-1058.NASL
    descriptionIn MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests. For Debian 7
    last seen2020-03-17
    modified2017-08-15
    plugin id102482
    published2017-08-15
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/102482
    titleDebian DLA-1058-1 : krb5 security update
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2018-1361.NASL
    descriptionAccording to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A denial of service flaw was found in MIT Kerberos krb5kdc service. An authenticated attacker could use this flaw to cause krb5kdc to exit with an assertion failure by making an invalid S4U2Self or S4U2Proxy request.(CVE-2017-11368) - An authentication bypass flaw was found in the way krb5
    last seen2020-06-03
    modified2018-11-07
    plugin id118755
    published2018-11-07
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/118755
    titleEulerOS 2.0 SP3 : krb5 (EulerOS-SA-2018-1361)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2018-0666.NASL
    descriptionAn update for krb5 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC). Security Fix(es) : * krb5: Authentication bypass by improper validation of certificate EKU and SAN (CVE-2017-7562) * krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure (CVE-2017-11368) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id109370
    published2018-04-27
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/109370
    titleCentOS 7 : krb5 (CESA-2018:0666)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0025_KRB5.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has krb5 packages installed that are affected by multiple vulnerabilities: - An authentication bypass flaw was found in the way krb5
    last seen2020-06-01
    modified2020-06-02
    plugin id127186
    published2019-08-12
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127186
    titleNewStart CGSL CORE 5.04 / MAIN 5.04 : krb5 Multiple Vulnerabilities (NS-SA-2019-0025)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2018-1408.NASL
    descriptionAccording to the versions of the krb5 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An authentication bypass flaw was found in the way krb5
    last seen2020-03-26
    modified2018-12-28
    plugin id119897
    published2018-12-28
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/119897
    titleEulerOS Virtualization 2.5.2 : krb5 (EulerOS-SA-2018-1408)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2017-E5B36383F4.NASL
    descriptionFix CVE-2017-11368 (remote triggerable assertion failure in krb5kdc) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2017-07-26
    plugin id101965
    published2017-07-26
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/101965
    titleFedora 26 : krb5 (2017-e5b36383f4)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2018-0666.NASL
    descriptionAn update for krb5 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the Kerberos key distribution center (KDC). Security Fix(es) : * krb5: Authentication bypass by improper validation of certificate EKU and SAN (CVE-2017-7562) * krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure (CVE-2017-11368) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id108983
    published2018-04-11
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/108983
    titleRHEL 7 : krb5 (RHSA-2018:0666)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2018-1354.NASL
    descriptionAccording to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A denial of service flaw was found in MIT Kerberos krb5kdc service. An authenticated attacker could use this flaw to cause krb5kdc to exit with an assertion failure by making an invalid S4U2Self or S4U2Proxy request.(CVE-2017-11368) - An authentication bypass flaw was found in the way krb5
    last seen2020-05-31
    modified2018-11-06
    plugin id118737
    published2018-11-06
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/118737
    titleEulerOS 2.0 SP2 : krb5 (EulerOS-SA-2018-1354)

Redhat

advisories
rhsa
idRHSA-2018:0666
rpms
  • krb5-debuginfo-0:1.15.1-18.el7
  • krb5-devel-0:1.15.1-18.el7
  • krb5-libs-0:1.15.1-18.el7
  • krb5-pkinit-0:1.15.1-18.el7
  • krb5-server-0:1.15.1-18.el7
  • krb5-server-ldap-0:1.15.1-18.el7
  • krb5-workstation-0:1.15.1-18.el7
  • libkadm5-0:1.15.1-18.el7