772 matches found
Astra Linux - vulnerability in heimdal
The fix for CVE-2022-3437 involved changing the memcmp function to run in constant time, as well as working around a compiler bug by adding “!= 0” comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0...
Astra Linux - vulnerability in heimdal
Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerable to a denial-of-service vulnerability in Heimdal’s PKI certificate validation library. This vulnerability affects the KDC via PKINIT and kinit via PKINIT, as well as any third-party applications...
Astra Linux - vulnerability in heimdal, samba
Before version 7.7.1, Heimdal allowed remote attackers to execute arbitrary code due to an invalid free operation in the ASN.1 codec used by the Key Distribution Center (KDC)...
Astra Linux - vulnerability in heimdal
All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11, and 4.11.x before 4.11.3 have an issue where the S4U MS-SFU Kerberos delegation model includes a feature that allows a subset of clients to be opted out of constrained delegation in either S4U2Self or regular Kerberos authentication...
Astra Linux - vulnerability in heimdal, krb5
PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution in KDC, kadmind, or a GSS or Kerberos application server on 32-bit platforms which have a resultant heap-based buffer overflow, and cause a denial of service ...
Astra Linux - vulnerability in heimdal
Heimdal before 7.7.1 allows attackers to cause a NULL pointer dereference in a SPNEGO acceptor via a preferred_mech_type of GSS_C_NO_OID and a nonzero initial_response value to send_accept...
Astra Linux - vulnerability in heimdal, samba
A heap-based buffer overflow vulnerability was discovered in Samba, within the GSSAPI unwrap_des and unwrap_des3 routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow for a length-limited write buffer overflow on memory allocated by malloc, when a...
JLSEC-2026-91
PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution in KDC, kadmind, or a GSS or Kerberos application server on 32-bit platforms which have a resultant heap-based buffer overflow, and cause a denial of service ...
Malicious code in heimdal-credentials (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 44b549b64558430b61d35bb2eb2cfcf8ec15d75bacb38af8f34deafe5d6add2c During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...
MAL-2026-1140 Malicious code in heimdal-credentials (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 44b549b64558430b61d35bb2eb2cfcf8ec15d75bacb38af8f34deafe5d6add2c During import, only in specific environments, a module containing code disguised as telemetry is imported. This code then exfiltrates sensitive environment...
EUVD-2014-1394
Malware in sbrugna...
EUVD-2018-17128
Malware in sbrugna...
EUVD-2002-1210
Malware in sbrugna...
EUVD-2019-3750
Malware in sbrugna...
EUVD-2005-2042
Malware in sbrugna...
EUVD-2015-5859
Malware in sbrugna...
EUVD-2017-8603
Malware in sbrugna...
EUVD-2006-3080
Malware in sbrugna...
EUVD-2002-1209
Malware in sbrugna...
EUVD-2006-0684
Malware in sbrugna...