vulnerability

Amazon Linux AMI 2: CVE-2018-5729: Security patch for krb5 (ALAS-2018-1129)

Try Surface Command
Back to search
Severity
7
CVSS
(AV:N/AC:L/Au:S/C:P/I:P/A:P)
Published
Mar 6, 2018
Added
Apr 27, 2020
Modified
Nov 27, 2024

Description

MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module.

Solution(s)

amazon-linux-ami-2-upgrade-krb5-debuginfoamazon-linux-ami-2-upgrade-krb5-develamazon-linux-ami-2-upgrade-krb5-libsamazon-linux-ami-2-upgrade-krb5-pkinitamazon-linux-ami-2-upgrade-krb5-serveramazon-linux-ami-2-upgrade-krb5-server-ldapamazon-linux-ami-2-upgrade-krb5-workstationamazon-linux-ami-2-upgrade-libkadm5

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today