rpm package
suse/krb5&distro=SUSE Linux Enterprise Module for Server Applications 15
pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-5730 | Low | 3.8 | < 1.15.2-6.6.2 | 1.15.2-6.6.2 | Mar 6, 2018 | MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a | |
| CVE-2018-5729 | Med | 4.7 | < 1.15.2-6.6.2 | 1.15.2-6.6.2 | Mar 6, 2018 | MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module. |
- affected < 1.15.2-6.6.2fixed 1.15.2-6.6.2
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a
- affected < 1.15.2-6.6.2fixed 1.15.2-6.6.2
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module.