CVE-2017-11368

Published: Aug 9, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/krb5/krb5/commit/ffb35baac6981f9e8914f8f3bffd37f284b85970

x_refsource_CONFIRM

FEDORA-2017-e5b36383f4

vendor-advisory

x_refsource_FEDORA

RHSA-2018:0666

vendor-advisory

x_refsource_REDHAT

100291

vdb-entry

x_refsource_BID

FEDORA-2017-8e9d9771c4

vendor-advisory

x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-11368

Description

Affected Products

References