Vulnerability CVE-2017-11368: Information

Description

In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests.

Severity: MEDIUM (6.5) Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2017-11368

Published: Aug. 9, 2017

Modified: Nov. 7, 2023

Error type identifier: CWE-617

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
krb5	sisyphus	1.15.2-alt2.S1	1.21.2-alt2	ALT-PU-2017-2651-1	192926	Fixed
krb5	p10	1.15.2-alt2.S1	1.19.4-alt3	ALT-PU-2017-2651-1	192926	Fixed
krb5	p9	1.15.2-alt2.S1	1.17.2-alt5	ALT-PU-2017-2651-1	192926	Fixed
krb5	p8	1.14.6-alt1.M80P.1	1.14.6-alt1.M80P.1	ALT-PU-2018-1648-1	204403	Fixed
krb5	c10f1	1.15.2-alt2.S1	1.19.4-alt3	ALT-PU-2017-2651-1	192926	Fixed
krb5	c9f2	1.15.2-alt2.S1	1.17.2-alt5	ALT-PU-2017-2651-1	192926	Fixed
krb5	c7	1.13.7-alt0.M70C.1	1.14.6-alt1.M70C.1	ALT-PU-2016-2003-1	169626	Fixed
krb5	p11	1.15.2-alt2.S1	1.21.2-alt2	ALT-PU-2017-2651-1	192926	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
https://github.com/krb5/krb5/commit/ffb35baac6981f9e8914f8f3bffd37f284b85970	Patch Third Party Advisory
100291	Third Party Advisory VDB Entry
RHSA-2018:0666
FEDORA-2017-e5b36383f4
FEDORA-2017-8e9d9771c4

Affected configurations:
1. Configuration 1
  cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*
  cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*
  
  Configuration 2
  cpe:2.3:a:mit:kerberos:5-1.13.7:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.7:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.8:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.8.2:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.8.3:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.8.4:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.8.5:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.8.6:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.9:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.9.1:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.9.2:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.9.3:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.9.4:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.10:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.10.1:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.10.2:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.10.3:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.10.4:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.11:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.11.1:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.11.2:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.11.3:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.11.4:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.11.5:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.12.3:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.13.2:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.13.3:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.13.5:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.13.6:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.14:alpha1:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.14:beta1:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.14.1:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.14.2:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.14.3:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.14.4:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.14.5:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.15:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.15.1:beta1:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.15.1:*:*:*:*:*:*:*
  cpe:2.3:a:mit:kerberos_5:1.15.1:beta2:*:*:*:*:*:*

Version: v24.5.3

Vulnerability CVE-2017-11368: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1

Configuration 2