Mit · Mit Kerberos 5 · CVE-2017-11368
**Name of the Vulnerable Software and Affected Versions**
MIT Kerberos 5 (aka krb5) versions 1.7 and later
**Description**
The issue allows an authenticated attacker to cause a KDC assertion failure. This can be achieved by sending invalid S4U2Self or S4U2Proxy requests.
**Recommendations**
For versions 1.7 and later, at the moment, there is no information about a newer version that contains a fix for this vulnerability.