{"id":"CVE-2018-5729","details":"MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module.","modified":"2026-05-18T05:51:44.241962508Z","published":"2018-03-06T20:29:00.563Z","related":["SUSE-SU-2018:0846-1","SUSE-SU-2018:0859-1","SUSE-SU-2019:0175-1","openSUSE-SU-2019:0139-1","openSUSE-SU-2024:10899-1"],"database_specific":{"unresolved_ranges":[{"source":"CPE_FIELD","cpes":["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"],"vendor_product":"debian:debian_linux","extracted_events":[{"last_affected":"8.0"},{"last_affected":"9.0"}]},{"source":"CPE_FIELD","cpes":["cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*","cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*"],"vendor_product":"fedoraproject:fedora","extracted_events":[{"last_affected":"26"},{"last_affected":"27"}]},{"cpes":["cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*"],"source":"CPE_FIELD","vendor_product":"mit:kerberos_5","extracted_events":[{"introduced":"5-1.6"},{"fixed":"5-1.21.2"},{"introduced":"5-1.6"},{"fixed":"5-1.21.2"}]},{"source":"CPE_FIELD","cpes":["cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"],"vendor_product":"redhat:enterprise_linux_desktop","extracted_events":[{"last_affected":"7.0"}]},{"source":"CPE_FIELD","cpes":["cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"],"vendor_product":"redhat:enterprise_linux_server","extracted_events":[{"last_affected":"7.0"}]},{"cpes":["cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"],"source":"CPE_FIELD","vendor_product":"redhat:enterprise_linux_workstation","extracted_events":[{"last_affected":"7.0"}]}]},"references":[{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1042071"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHBA-2019:0327"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:3071"},{"type":"ADVISORY","url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891869"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2021/09/msg00019.html"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GK5T6JPMBHBPKS7HNGHYUUF4KKRMNSNU/"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OIFUL3CPM4S5TOXTTOCQ3CUZN6XCXUTR/"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1551083"},{"type":"FIX","url":"https://github.com/krb5/krb5/commit/e1caf6fb74981da62039846931ebdffed71309d1"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/krb5/krb5","events":[{"introduced":"0"},{"fixed":"e1caf6fb74981da62039846931ebdffed71309d1"}],"database_specific":{"source":"REFERENCES"}}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-5729.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L"}]}