Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2017-11103
PUBLISHED
More InfoOfficial Page
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
View Known Exploited Vulnerability (KEV) details
Published At-13 Jul, 2017 | 13:00
Updated At-05 Aug, 2024 | 17:57
Rejected At-
▼CVE Numbering Authority (CNA)

Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encrypted version stored in 'enc_part' instead of the unencrypted version stored in 'ticket'. Use of the unencrypted version provides an opportunity for successful server impersonation and other attacks. NOTE: this CVE is only for Heimdal and other products that embed Heimdal code; it does not apply to other instances in which this part of the Kerberos 5 protocol specification is violated.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://support.apple.com/HT208221
x_refsource_CONFIRM
http://www.debian.org/security/2017/dsa-3912
vendor-advisory
x_refsource_DEBIAN
https://support.apple.com/HT208144
x_refsource_CONFIRM
https://www.orpheus-lyre.info/
x_refsource_MISC
https://www.freebsd.org/security/advisories/FreeBSD-SA-17:05.heimdal.asc
vendor-advisory
x_refsource_FREEBSD
http://www.securityfocus.com/bid/99551
vdb-entry
x_refsource_BID
http://www.securitytracker.com/id/1039427
vdb-entry
x_refsource_SECTRACK
https://www.samba.org/samba/security/CVE-2017-11103.html
x_refsource_CONFIRM
http://www.securitytracker.com/id/1038876
vdb-entry
x_refsource_SECTRACK
https://support.apple.com/HT208112
x_refsource_CONFIRM
https://github.com/heimdal/heimdal/releases/tag/heimdal-7.4.0
x_refsource_CONFIRM
http://www.h5l.org/advisories.html?show=2017-07-11
x_refsource_CONFIRM
Hyperlink: https://support.apple.com/HT208221
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.debian.org/security/2017/dsa-3912
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: https://support.apple.com/HT208144
Resource:
x_refsource_CONFIRM
Hyperlink: https://www.orpheus-lyre.info/
Resource:
x_refsource_MISC
Hyperlink: https://www.freebsd.org/security/advisories/FreeBSD-SA-17:05.heimdal.asc
Resource:
vendor-advisory
x_refsource_FREEBSD
Hyperlink: http://www.securityfocus.com/bid/99551
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.securitytracker.com/id/1039427
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: https://www.samba.org/samba/security/CVE-2017-11103.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securitytracker.com/id/1038876
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: https://support.apple.com/HT208112
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/heimdal/heimdal/releases/tag/heimdal-7.4.0
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.h5l.org/advisories.html?show=2017-07-11
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://support.apple.com/HT208221
x_refsource_CONFIRM
x_transferred
http://www.debian.org/security/2017/dsa-3912
vendor-advisory
x_refsource_DEBIAN
x_transferred
https://support.apple.com/HT208144
x_refsource_CONFIRM
x_transferred
https://www.orpheus-lyre.info/
x_refsource_MISC
x_transferred
https://www.freebsd.org/security/advisories/FreeBSD-SA-17:05.heimdal.asc
vendor-advisory
x_refsource_FREEBSD
x_transferred
http://www.securityfocus.com/bid/99551
vdb-entry
x_refsource_BID
x_transferred
http://www.securitytracker.com/id/1039427
vdb-entry
x_refsource_SECTRACK
x_transferred
https://www.samba.org/samba/security/CVE-2017-11103.html
x_refsource_CONFIRM
x_transferred
http://www.securitytracker.com/id/1038876
vdb-entry
x_refsource_SECTRACK
x_transferred
https://support.apple.com/HT208112
x_refsource_CONFIRM
x_transferred
https://github.com/heimdal/heimdal/releases/tag/heimdal-7.4.0
x_refsource_CONFIRM
x_transferred
http://www.h5l.org/advisories.html?show=2017-07-11
x_refsource_CONFIRM
x_transferred
Hyperlink: https://support.apple.com/HT208221
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.debian.org/security/2017/dsa-3912
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: https://support.apple.com/HT208144
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.orpheus-lyre.info/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.freebsd.org/security/advisories/FreeBSD-SA-17:05.heimdal.asc
Resource:
vendor-advisory
x_refsource_FREEBSD
x_transferred
Hyperlink: http://www.securityfocus.com/bid/99551
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.securitytracker.com/id/1039427
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: https://www.samba.org/samba/security/CVE-2017-11103.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securitytracker.com/id/1038876
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: https://support.apple.com/HT208112
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://github.com/heimdal/heimdal/releases/tag/heimdal-7.4.0
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.h5l.org/advisories.html?show=2017-07-11
Resource:
x_refsource_CONFIRM
x_transferred
Details not found