CVE-2018-5709 is a vulnerability in MIT Kerberos
Published on January 16, 2018

An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.

NVD
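The narrowing described above, next to a range-checked alternative, as an added example that is not code from krb5 or from this advisory. Only the names `n_key_data` and `u4` come from the description; `struct entry`, `store_unchecked` and `store_checked` are hypothetical, and the field is assumed to arrive as decimal text.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-in for the entry in the advisory: a 16-bit key count. */
struct entry {
    int16_t n_key_data;
};

/* Unchecked pattern: a 32-bit value read from the dump is assigned straight
 * into the 16-bit field. Out-of-range values are narrowed (modulo 2^16 on
 * common compilers), so the stored count no longer matches the file. */
static int16_t store_unchecked(struct entry *e, uint32_t u4)
{
    e->n_key_data = (int16_t)u4;
    return e->n_key_data;
}

/* Checked pattern: parse the text field and refuse anything that does not
 * fit the destination. Returns 0 on success, -1 on a malformed or
 * out-of-range field (the entry is left untouched). */
static int store_checked(struct entry *e, const char *field)
{
    char *end;
    unsigned long v;

    /* strtoul() accepts a sign and leading spaces; require a digit first. */
    if (field[0] < '0' || field[0] > '9')
        return -1;
    errno = 0;
    v = strtoul(field, &end, 10);
    if (errno != 0 || *end != '\0' || v > INT16_MAX)
        return -1;
    e->n_key_data = (int16_t)v;
    return 0;
}

int main(void)
{
    struct entry e = {0};
    /* Constructed sample values, not taken from a real dump file. */
    printf("unchecked 65537 -> %d\n", store_unchecked(&e, 65537u));
    printf("checked \"65537\" -> %d\n", store_checked(&e, "65537"));
    int rc = store_checked(&e, "2");
    printf("checked \"2\" -> %d (n_key_data=%d)\n", rc, e.n_key_data);
    return 0;
}
```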



Exploit Probability

EPSS: 1.49%
Percentile: 80.83%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.