10 matches found
EUVD-2014-1394
Malware in sbrugna...
Privilege Escalation
heimdal is vulnerable to privilege escalation. The vulnerability exists as heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In krb5extractticket th...
Code injection
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In krb5extractticket the KDC-REP service name must be obtained from the encrypted version stored i...
CVE-2017-11103
CVE-2017-11103 affects Heimdal (Kerberos); vulnerability arises from improper handling of the KDC-REP service name in krb5_extract_ticket, enabling remote service impersonation when the unencrypted service name is used instead of the encrypted enc_part. Appleās security content (HT208112/HT208221...
CVE-2017-11103
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In krb5extractticket the KDC-REP service name must be obtained from the encrypted version stored i...
CVE-2017-11103
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In krb5extractticket the KDC-REP service name must be obtained from the encrypted version stored i...
CVE-2017-11103
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In krb5extractticket the KDC-REP service name must be obtained from the encrypted version stored i...
CVE-2017-11103
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In krb5extractticket the KDC-REP service name must be obtained from the encrypted version stored i...
Design/Logic Flaw
Heimdal, as used in Apple OS X through 10.9.2, allows remote attackers to cause a denial of service abort and daemon exit via ASN.1 data encountered in the Kerberos 5 protocol...
CVE-2014-1316
Heimdal, as used in Apple OS X through 10.9.2, allows remote attackers to cause a denial of service abort and daemon exit via ASN.1 data encountered in the Kerberos 5 protocol...