Search for packages
| purl | pkg:alpm/archlinux/krb5@1.16.1-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-1h5c-cqhe-aaak | MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module. |
CVE-2018-5729
|
| VCID-dyyj-xzwf-aaae | An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data. |
CVE-2018-5709
|
| VCID-sj56-jfqf-aaar | MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN. |
CVE-2018-5730
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:46:55.698501+00:00 | Arch Linux Importer | Fixing | VCID-dyyj-xzwf-aaae | https://security.archlinux.org/AVG-586 | 36.0.0 |
| 2025-03-28T07:46:55.667382+00:00 | Arch Linux Importer | Fixing | VCID-1h5c-cqhe-aaak | https://security.archlinux.org/AVG-586 | 36.0.0 |
| 2025-03-28T07:46:55.646899+00:00 | Arch Linux Importer | Fixing | VCID-sj56-jfqf-aaar | https://security.archlinux.org/AVG-586 | 36.0.0 |
| 2024-09-18T02:02:16.794537+00:00 | Arch Linux Importer | Fixing | VCID-dyyj-xzwf-aaae | https://security.archlinux.org/AVG-586 | 34.0.1 |
| 2024-09-18T02:02:16.767517+00:00 | Arch Linux Importer | Fixing | VCID-1h5c-cqhe-aaak | https://security.archlinux.org/AVG-586 | 34.0.1 |
| 2024-09-18T02:02:16.742943+00:00 | Arch Linux Importer | Fixing | VCID-sj56-jfqf-aaar | https://security.archlinux.org/AVG-586 | 34.0.1 |
| 2024-07-06T22:27:37.566680+00:00 | Arch Linux Importer | Fixing | VCID-dyyj-xzwf-aaae | https://security.archlinux.org/AVG-586 | 34.0.0rc4 |
| 2024-07-06T22:27:37.545951+00:00 | Arch Linux Importer | Fixing | VCID-1h5c-cqhe-aaak | https://security.archlinux.org/AVG-586 | 34.0.0rc4 |
| 2024-07-06T22:27:37.522267+00:00 | Arch Linux Importer | Fixing | VCID-sj56-jfqf-aaar | https://security.archlinux.org/AVG-586 | 34.0.0rc4 |
| 2024-01-03T22:28:18.740759+00:00 | Arch Linux Importer | Fixing | VCID-dyyj-xzwf-aaae | https://security.archlinux.org/AVG-586 | 34.0.0rc1 |
| 2024-01-03T22:28:18.714325+00:00 | Arch Linux Importer | Fixing | VCID-1h5c-cqhe-aaak | https://security.archlinux.org/AVG-586 | 34.0.0rc1 |
| 2024-01-03T22:28:18.693004+00:00 | Arch Linux Importer | Fixing | VCID-sj56-jfqf-aaar | https://security.archlinux.org/AVG-586 | 34.0.0rc1 |