Integer Overflow Vulnerability in MIT Kerberos 5 Database Management
CVE-2018-5709

7.5 HIGH

Key Information:

Vendor: MIT

Status
Vendor
CVE Published: 16 January 2018

What is CVE-2018-5709?

An integer overflow has been identified in MIT Kerberos 5, specifically in the database management component. The vulnerability arises from an improper variable type assignment: a variable with 16-bit storage capacity is used to hold data designed for 32 bits. This discrepancy can lead to integrity issues within the database, and an attacker can exploit it to manipulate trusted data in Kerberos database dump files.
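The width mismatch described above, reduced to a minimal C illustration next to a range-checked version. This is an added example, not code from MIT Kerberos; the struct, field and function names and the sample values are hypothetical.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical in-memory record: the count field is only 16 bits wide. */
struct entry {
    uint16_t n_items;
};

/* Mismatched pattern: the dump field is read as a 32-bit value and stored
 * in the 16-bit member with no range check. The conversion keeps only the
 * low 16 bits, so the stored count no longer matches the file. */
int load_count_unchecked(const char *field, struct entry *e)
{
    uint32_t tmp = (uint32_t)strtoul(field, NULL, 10);
    e->n_items = (uint16_t)tmp;
    return 0;
}

/* Hardened pattern: accept only a plain decimal number that fits in the
 * destination type; reject the record otherwise and leave *e untouched. */
int load_count_checked(const char *field, struct entry *e)
{
    char *end;
    unsigned long v;

    if (field[0] < '0' || field[0] > '9')   /* no sign, no whitespace */
        return -1;
    errno = 0;
    v = strtoul(field, &end, 10);
    if (errno != 0 || *end != '\0' || v > UINT16_MAX)
        return -1;
    e->n_items = (uint16_t)v;
    return 0;
}

int main(void)
{
    const char *field = "65539";             /* constructed sample value */
    struct entry e = { 0 };

    load_count_unchecked(field, &e);
    printf("unchecked: file says %s, stored %u\n", field, (unsigned)e.n_items);
    printf("checked:   %s\n",
           load_count_checked(field, &e) == 0 ? "accepted" : "rejected");
    return 0;
}
```

Compiling with `-Wconversion` flags the implicit form of this narrowing at build time.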

CVSS V3.1

Score: 7.5
Severity: HIGH
Confidentiality: None
Integrity: High
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
