10 matches found

AstraLinux
added 2026/05/03 11:59 p.m. | 2 views

Astra Linux - vulnerability in heimdal, samba

A heap-based buffer overflow vulnerability was discovered in Samba, within the GSSAPI unwrap_des and unwrap_des3 routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow for a length-limited write buffer overflow on memory allocated by malloc, when a...

CVSS 6.5 | AI score 6.8 | EPSS 0.00727
Exploits 0 | References 2
Tenable Nessus
added 2025/08/27 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2022-3437

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des and unwrap_des3 routines of Heimdal. The DES and Triple-DES decryption...

CVSS 6.5 | AI score 6.6 | EPSS 0.00727
Exploits 0 | References 2
OSV
added 2023/03/08 1:2 p.m. | 0 views

USN-5936-1 samba vulnerabilities

Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. CVE-2022-3437 Tom Tervoort discovered that Samba incorrectly used weak rc4-hmac Kerber...

CVSS 9.8 | AI score 7 | EPSS 0.10832
Exploits 1 | References 7
Cloud Foundry
added 2023/02/24 12:0 a.m. | 23 views

USN-5849-1: Heimdal vulnerabilities | Cloud Foundry

Severity: Medium. Vendor: Canonical Ubuntu. Versions Affected: Canonical Ubuntu 16.04, Canonical Ubuntu 18.04. Description: Helmut Grohne discovered that Heimdal GSSAPI incorrectly handled logical conditions that are related to memory management operations. An attacker could possibly use this issue to...

CVSS 7.5 | AI score 7.5 | EPSS 0.00088
Exploits 0
OSV
added 2023/02/08 1:11 p.m. | 1 views

USN-5849-1 heimdal vulnerabilities

Helmut Grohne discovered that Heimdal GSSAPI incorrectly handled logical conditions that are related to memory management operations. An attacker could possibly use this issue to cause a denial of service...

CVSS 7.5 | AI score 6.8 | EPSS 0.00088
Exploits 0 | References 2
OSV
added 2023/01/12 3:15 p.m. | 0 views

AZL-37016 CVE-2022-3437 affecting package samba for versions less than 4.18.3-1

A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des and unwrap_des3 routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc allocated memory when presented with a...

CVSS 6.5 | AI score 6.8 | EPSS 0.00727
Exploits 0 | References 1
OSV
added 2023/01/12 3:15 p.m. | 1 views

DEBIAN-CVE-2022-3437

A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des and unwrap_des3 routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc allocated memory when presented with a...

CVSS 6.5 | AI score 6.8 | EPSS 0.00727
Exploits 0 | References 1
CVE
added 2023/01/12 12:0 a.m. | 988 views

CVE-2022-3437

CVE-2022-3437 is a heap-based buffer overflow in Samba’s use of Heimdal GSSAPI (unwrap_des/unwrap_des3). The fix involved making memcmp constant-time and patching a compiler-related issue by adding “!= 0” to memcmp results; backported patches were applied to heimdal-7.7.1 and 7.8.0 branches (and ...

CVSS 6.5 | AI score 6.7 | EPSS 0.00727
Exploits 0 | References 8 | Affected Software 1
UbuntuCve
added 2022/10/27 12:0 a.m. | 32 views

CVE-2022-3437

A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des and unwrap_des3 routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc allocated memory when presented with a...

CVSS 6.5 | AI score 6.9 | EPSS 0.00727
Exploits 0 | References 8
Positive Technologies
added 2022/10/13 12:0 a.m. | 3 views

PT-2022-5230 · Heimdal +9

Name of the Vulnerable Software and Affected Versions: Samba (affected versions not specified). Description: A heap-based buffer overflow issue was found in the GSSAPI unwrap_des and unwrap_des3 routines of Heimdal, which is part of the Samba network interaction program. This issue allows a remote...

CVSS 9.8 | AI score 7.7 | EPSS 0.94006
Exploits 13 | References 252