18 matches found
Azure Linux 3.0 Security Update: heimdal (CVE-2022-45142)
The version of heimdal installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-45142 advisory. - The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug ...
CVE-2022-45142 affecting package heimdal for versions less than 7.8.0-3
CVE-2022-45142 affecting package heimdal for versions less than 7.8.0-3. A patched version of the package is available...
Advisory ROSA-SA-2025-2638
software: heimdal 7.8.0; WASP: ROSA-CHROME; packageevrstring: heimdal-7.8.0-2; CVE-ID: CVE-2022-45142; BDU-ID: 2023-02156; CVE-Crit: HIGH; CVE-DESC.: A vulnerability in the Kerberos5 heimdal protocol implementation is related to incorrect validation of the integrity check value. Exploitation of the...
Security Bulletin: CVE-2022-45142, CVE-2022-4304, CVE-2022-4450 and CVE-2023-0215 may affect IBM CICS TX Advanced 10.1
Summary: CVE-2022-45142, CVE-2022-4304, CVE-2022-4450 and CVE-2023-0215 may affect IBM CICS TX Advanced 10.1. IBM CICS TX Advanced 10.1 has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2022-45142. DESCRIPTION: Heimdal could allow a remote attacker to obtain sensitive information,...
CVE-2022-45142 affecting package heimdal 7.7.1-1
CVE-2022-45142 affecting package heimdal 7.7.1-1. A patched version of the package is available...
CBL Mariner 2.0 Security Update: heimdal (CVE-2022-45142)
The version of heimdal installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-45142 advisory. - The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug ...
CVE-2022-45142 affecting package heimdal for versions less than 7.7.1-2
CVE-2022-45142 affecting package heimdal for versions less than 7.7.1-2. A patched version of the package is available...
MGASA-2023-0098 Updated heimdal packages fix security vulnerability
The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to b...
Updated heimdal packages fix security vulnerability
The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to b...
CVE-2022-45142 vulnerabilities
Vulnerabilities for packages: heimdal...
CVE-2022-45142 vulnerabilities
Vulnerabilities for packages: heimdal...
CVE-2022-45142
The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches and possibly other branches a logic inversion sneaked...
CVE-2022-45142
The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches and possibly other branches a logic inversion sneaked...
USN-5849-1: Heimdal vulnerabilities | Cloud Foundry
Severity: Medium. Vendor: Canonical Ubuntu. Versions Affected: Canonical Ubuntu 16.04, Canonical Ubuntu 18.04. Description: Helmut Grohne discovered that Heimdal GSSAPI incorrectly handled logical conditions that are related to memory management operations. An attacker could possibly use this issue to...
Debian: Security Advisory (DSA-5344-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Debian: Security Advisory (DLA-3311-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
[SECURITY] [DSA 5344-1] heimdal security update
Debian Security Advisory DSA-5344-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 08, 2023 https://www.debian.org/security/faq -...
Debian dla-3311 : heimdal-clients - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3311 advisory. Debian LTS Advisory DLA-3311-1 [email protected]...