CVE-2017-11368
- Source
- https://cve.org/CVERecord?id=CVE-2017-11368
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-11368.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2017-11368
- Downstream
- Related
- Published
- 2017-08-09T18:29:01.450Z
- Modified
- 2026-04-11T04:47:19.217240Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests.
- References
-
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4HNWXM6OQU7G23MG7XWIOBRGP43ECLDT/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBUTXMNZWMVJLQ4NDX5OQFPUVCJRLV3W/
- http://www.securityfocus.com/bid/100291
- https://access.redhat.com/errata/RHSA-2018:0666
- https://github.com/krb5/krb5/commit/ffb35baac6981f9e8914f8f3bffd37f284b85970
Affected packages
Git / github.com/krb5/krb5
Affected ranges
- Type
- GIT
- Repo
- https://github.com/krb5/krb5
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedFixed
- Database specific
{ "versions": [ { "introduced": "0" }, { "last_affected": "1.7" }, { "introduced": "0" }, { "last_affected": "1.7.1" }, { "introduced": "0" }, { "last_affected": "1.8" }, { "introduced": "0" }, { "last_affected": "1.8.1" }, { "introduced": "0" }, { "last_affected": "1.8.2" }, { "introduced": "0" }, { "last_affected": "1.8.3" }, { "introduced": "0" }, { "last_affected": "1.8.4" }, { "introduced": "0" }, { "last_affected": "1.8.5" }, { "introduced": "0" }, { "last_affected": "1.8.6" }, { "introduced": "0" }, { "last_affected": "1.9" }, { "introduced": "0" }, { "last_affected": "1.9.1" }, { "introduced": "0" }, { "last_affected": "1.9.2" }, { "introduced": "0" }, { "last_affected": "1.9.3" }, { "introduced": "0" }, { "last_affected": "1.9.4" }, { "introduced": "0" }, { "last_affected": "1.10" }, { "introduced": "0" }, { "last_affected": "1.10.1" }, { "introduced": "0" }, { "last_affected": "1.10.2" }, { "introduced": "0" }, { "last_affected": "1.10.3" }, { "introduced": "0" }, { "last_affected": "1.10.4" }, { "introduced": "0" }, { "last_affected": "1.11" }, { "introduced": "0" }, { "last_affected": "1.11.1" }, { "introduced": "0" }, { "last_affected": "1.11.2" }, { "introduced": "0" }, { "last_affected": "1.11.3" }, { "introduced": "0" }, { "last_affected": "1.11.4" }, { "introduced": "0" }, { "last_affected": "1.11.5" }, { "introduced": "0" }, { "last_affected": "1.12" }, { "introduced": "0" }, { "last_affected": "1.12.1" }, { "introduced": "0" }, { "last_affected": "1.12.2" }, { "introduced": "0" }, { "last_affected": "1.12.3" }, { "introduced": "0" }, { "last_affected": "1.13" }, { "introduced": "0" }, { "last_affected": "1.13.1" }, { "introduced": "0" }, { "last_affected": "1.13.2" }, { "introduced": "0" }, { "last_affected": "1.13.3" }, { "introduced": "0" }, { "last_affected": "1.13.5" }, { "introduced": "0" }, { "last_affected": "1.13.6" }, { "introduced": "0" }, { "last_affected": "1.14" }, { "introduced": "0" }, { "last_affected": "1.14-alpha1" }, { "introduced": "0" }, { "last_affected": "1.14-beta1" }, { "introduced": "0" }, { "last_affected": "1.14-beta2" }, { "introduced": "0" }, { "last_affected": "1.14.1" }, { "introduced": "0" }, { "last_affected": "1.14.2" }, { "introduced": "0" }, { "last_affected": "1.14.3" }, { "introduced": "0" }, { "last_affected": "1.14.4" }, { "introduced": "0" }, { "last_affected": "1.14.5" }, { "introduced": "0" }, { "last_affected": "1.15" }, { "introduced": "0" }, { "last_affected": "1.15.1" } ] }
Affected versions
kfw-4.*
kfw-4.0-final
kfw-4.0.1-beta1
kfw-4.0.1-final
kfw-4.1-beta1
kfw-4.1-beta2
kfw-4.1-beta3
kfw-4.1-beta3-mit
krb5-1.*
krb5-1.10-final
krb5-1.10.1-final
krb5-1.10.2-final
krb5-1.10.3-final
krb5-1.10.4-final
krb5-1.11-alpha1
krb5-1.11-beta1
krb5-1.11-beta2
krb5-1.11-final
krb5-1.11.1-final
krb5-1.11.2-final
krb5-1.11.3-final
krb5-1.11.4-final
krb5-1.11.5-final
krb5-1.12-alpha1
krb5-1.12-beta1
krb5-1.12-beta2
krb5-1.12-final
krb5-1.12.1-final
krb5-1.12.2-final
krb5-1.12.3-final
krb5-1.13-alpha1
krb5-1.13-beta1
krb5-1.13-final
krb5-1.13.1-final
krb5-1.13.2-final
krb5-1.13.3-final
krb5-1.13.4-final
krb5-1.13.5-final
krb5-1.13.6-final
krb5-1.14-alpha1
krb5-1.14-beta1
krb5-1.14-beta2
krb5-1.14-final
krb5-1.14.1-final
krb5-1.14.2-final
krb5-1.14.3-final
krb5-1.14.4-final
krb5-1.14.5-final
krb5-1.15-beta1
krb5-1.15-beta2
krb5-1.15-final
krb5-1.15.1-final
krb5-1.7-final
krb5-1.7.1-final
krb5-1.8-final
krb5-1.8.1-final
krb5-1.8.2-final
krb5-1.8.3-final
krb5-1.8.4-final
krb5-1.8.5-final
krb5-1.8.6-final
krb5-1.9-final
krb5-1.9.1-final
krb5-1.9.2-final
krb5-1.9.3-final
krb5-1.9.4-final
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "25"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "26"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "5-1.13.7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.15.1-beta1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.15.1-beta2"
}
]
}
]
vanir_signatures_modified
"2026-04-11T04:47:19Z"
vanir_signatures
[
{
"deprecated": false,
"target": {
"file": "src/kdc/kdc_util.c",
"function": "kdc_process_s4u2proxy_req"
},
"id": "CVE-2017-11368-16ce6abc",
"signature_type": "Function",
"source": "https://github.com/krb5/krb5/commit/ffb35baac6981f9e8914f8f3bffd37f284b85970",
"signature_version": "v1",
"digest": {
"function_hash": "330028959243753203609613709933773874074",
"length": 653.0
}
},
{
"deprecated": false,
"target": {
"file": "src/kdc/do_tgs_req.c",
"function": "process_tgs_req"
},
"id": "CVE-2017-11368-5bf800eb",
"signature_type": "Function",
"source": "https://github.com/krb5/krb5/commit/ffb35baac6981f9e8914f8f3bffd37f284b85970",
"signature_version": "v1",
"digest": {
"function_hash": "83240240999769545177314307306634696539",
"length": 15624.0
}
},
{
"deprecated": false,
"target": {
"file": "src/kdc/kdc_util.c",
"function": "kdc_process_for_user"
},
"id": "CVE-2017-11368-755de4b8",
"signature_type": "Function",
"source": "https://github.com/krb5/krb5/commit/ffb35baac6981f9e8914f8f3bffd37f284b85970",
"signature_version": "v1",
"digest": {
"function_hash": "156221043922931185817485653085623573900",
"length": 673.0
}
},
{
"deprecated": false,
"target": {
"file": "src/kdc/kdc_util.c"
},
"id": "CVE-2017-11368-a6179004",
"signature_type": "Line",
"source": "https://github.com/krb5/krb5/commit/ffb35baac6981f9e8914f8f3bffd37f284b85970",
"signature_version": "v1",
"digest": {
"line_hashes": [
"283975676019297401139999035662419444645",
"282672820768443496025395926450658577906",
"47215875968588905788377893875480578522",
"91415356043600347659629545620442554514",
"99052052106133597793956133896851414116",
"184992862356724350174483412619012981443",
"180808050400054218726783860965016757985",
"298778936289824725957268107039822507847",
"73155155861381541010112379124029782245",
"99432362990357885032626879684404162822",
"218227452749620134082433343964277257909",
"114506724569938914743330379561712543200",
"37246406000188172841916433720272670724",
"78014914416155917900049677080906534854",
"272232022684417892734841124247077554087",
"298769036358435233077422396747719161328",
"129707705023951043827643630971048549541",
"70541791018619243244654308933730348437"
],
"threshold": 0.9
}
},
{
"deprecated": false,
"target": {
"file": "src/kdc/kdc_util.c",
"function": "kdc_process_s4u_x509_user"
},
"id": "CVE-2017-11368-ae10ded1",
"signature_type": "Function",
"source": "https://github.com/krb5/krb5/commit/ffb35baac6981f9e8914f8f3bffd37f284b85970",
"signature_version": "v1",
"digest": {
"function_hash": "74531147696732265420744333821386430488",
"length": 771.0
}
},
{
"deprecated": false,
"target": {
"file": "src/kdc/do_tgs_req.c"
},
"id": "CVE-2017-11368-ca597638",
"signature_type": "Line",
"source": "https://github.com/krb5/krb5/commit/ffb35baac6981f9e8914f8f3bffd37f284b85970",
"signature_version": "v1",
"digest": {
"line_hashes": [
"325367889476803086856633468511928700848",
"68989466184981042379603439399162329417",
"173256510690270124507023254971734967536",
"115082524213724777578031700444571321986"
],
"threshold": 0.9
}
},
{
"deprecated": false,
"target": {
"file": "src/kdc/do_as_req.c"
},
"id": "CVE-2017-11368-ea438f50",
"signature_type": "Line",
"source": "https://github.com/krb5/krb5/commit/ffb35baac6981f9e8914f8f3bffd37f284b85970",
"signature_version": "v1",
"digest": {
"line_hashes": [
"311703179622825782984481815100440141886",
"256372248361650419130344277581095724040",
"89102105830819084952166022460426190619",
"108192380190004863950675277511866253291",
"44123480385076308243782818462219067811"
],
"threshold": 0.9
}
},
{
"deprecated": false,
"target": {
"file": "src/kdc/do_as_req.c",
"function": "finish_process_as_req"
},
"id": "CVE-2017-11368-fcaca95d",
"signature_type": "Function",
"source": "https://github.com/krb5/krb5/commit/ffb35baac6981f9e8914f8f3bffd37f284b85970",
"signature_version": "v1",
"digest": {
"function_hash": "176621686112374436775066263314571356236",
"length": 7164.0
}
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-11368.json"