4 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-6594
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath policy protection mechanism by leveraging failure to add the...
CVE-2017-6594
The CVE-2017-6594 issue affects the Heimdal Kerberos 5 implementation: the transit path validation code before 7.3 may bypass the capath policy by failing to add the previous hop realm to the transit path of issued tickets. This could allow attackers to bypass capath protections (impact described...
openSUSE Security Update : libheimdal (openSUSE-2017-937) (Orpheus' Lyre)
This update for libheimdal fixes the following issues: - Fix CVE-2017-11103: Orpheus' Lyre KDC-REP service name validation. This is a critical vulnerability. In _krb5_extract_ticket() the KDC-REP service name must be obtained from encrypted version stored in 'enc_part' instead of the unencrypted versi...
heimdal -- bypass of capath policy
Viktor Dukhovni reports: Commit f469fc6 2010-10-02 inadvertently caused the previous hop realm to not be added to the transit path of issued tickets. This may, in some cases, enable bypass of capath policy in Heimdal versions 1.5 through 7.2. Note, this may break sites that rely on the bug. With...