vulnerability

Oracle Linux: CVE-2017-7562: ELSA-2018-0666: krb5 security, bug fix, and enhancement update (MODERATE) (Multiple Advisories)

Severity
7
CVSS
(AV:N/AC:L/Au:S/C:N/I:C/A:N)
Published
Aug 25, 2017
Added
Apr 19, 2018
Modified
Nov 29, 2024

Description

An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances.
An authentication bypass flaw was found in the way krb5's certauth interface handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances.

Solution(s)

oracle-linux-upgrade-krb5-develoracle-linux-upgrade-krb5-libsoracle-linux-upgrade-krb5-pkinitoracle-linux-upgrade-krb5-serveroracle-linux-upgrade-krb5-server-ldaporacle-linux-upgrade-krb5-workstationoracle-linux-upgrade-libkadm5
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.