VDB

GCVE-110-MAGEIA-2018-155

GCVE-110-MAGEIA-2018-155
Advisory Published
Vulnetix · Advisory published March 1, 2018
Updated krb5 packages fix security vulnerabilities: An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client (CVE-2018-5710, CVE-2018-5729, CVE-2018-5730).

Affected Products

VendorProductVersionsPlatforms
Mageiafreshplayerplugin0 (affected), 0.3.9-1.mga6 (unaffected)
Mageiakrb51.15.1-2.3.mga6 (unaffected), 0 (affected), 1.15.1-2.3.mga6 (unaffected), 0 (affected)

Browse GCVE Records

72,580 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›