13 matches found
CVE-2022-42898
CVE-2022-42898 concerns integer overflow in PAC parsing within MIT Kerberos 5 (krb5) via the krb5_pac_parse function in lib/krb5/krb/pac.c. Affected: krb5 before 1.19.4 and 1.20.x before 1.20.1; 32-bit platforms may trigger remote code execution in KDC, kadmind, or a GSS/Kerberos application serv...
CVE-2017-11103
CVE-2017-11103 affects Heimdal (Kerberos); vulnerability arises from improper handling of the KDC-REP service name in krb5_extract_ticket, enabling remote service impersonation when the unencrypted service name is used instead of the encrypted enc_part. Apple’s security content (HT208112/HT208221...
CVE-2022-45142
CVE-2022-45142 is an issue in Heimdal where the backport of fixes for CVE-2022-3437 introduced a logic inversion that inverted MIC validation in gssapi/arcfour. Affected branches include heimdal-7.7.1 and 7.8.0 (and possibly other branches). The consequence is incorrect message integrity verifica...
CVE-2018-16860
The CVE-2018-16860 issue affects Samba’s Heimdal KDC implementation in AD DC mode, specifically versions 4.8.x (before 4.8.12), 4.9.x (before 4.9.8), and 4.10.x (before 4.10.3). The vulnerability is a flaw in the KDC handling that enables a man-in-the-middle attacker to intercept a KDC request an...
CVE-2011-4862
CVE-2011-4862 is a remote pre-authentication buffer overflow in the encryption handling of BSD telnetd: libtelnet/encrypt.c in telnetd on FreeBSD 7.3–9.0, krb5-appl 1.0.2 and earlier, Heimdal 1.5.1 and earlier, and GNU inetutils. The underlying bug allows arbitrary code execution by sending a lon...
CVE-2022-44640
CVE-2022-44640 relates to Heimdal prior to 7.7.1, where an invalid free in the ASN.1 codec used by the KDC may allow remote code execution. The vulnerability is replicated in multiple vendor advisories (e.g., Astra Linux bulletin and Debian/Alpine security trackers) and is described as enabling a...
CVE-2021-44758
CVE-2021-44758 affects Heimdal prior to 7.7.1 and is described in multiple sources. The issue is a NULL pointer dereference in a SPNEGO acceptor triggered when the initial SPNEGO token contains a preferred_mech_type of GSS_C_NO_OID and a nonzero initial_response value, allowing a remote attacker ...
CVE-2019-12098
CVE-2019-12098 affects Heimdal Kerberos 5 clients; the issue is failure to verify anonymous PKINIT KX (PA-PKINIT-KX) during the key exchange, enabling potential MITM. Public advisories indicate this was fixed in newer Heimdal releases (e.g., 7.6.0+ and later such as 7.7.0 in openSUSE/SUSE bundles...
CVE-2022-41916
CVE-2022-41916 is a denial-of-service vulnerability in Heimdal’s PKI certificate validation (libhx509). The issue affects Heimdal versions prior to 7.7.1, including KDC via PKINIT and kinit via PKINIT, and any third-party apps using libhx509. Public documentation consistently states that upgradin...
CVE-2022-3116
CVE-2022-3116 affects the Heimdal Software Kerberos 5 implementation. Multiple connected sources indicate a null pointer dereference in Heimdal that can cause an application crash when triggering the vulnerable code path over a networked interface. Affected packages include Heimdal versions older...
CVE-2017-17439
CVE-2017-17439 affects Heimdal (libheimdal) up to version 7.4, where a vulnerability in the ASN.1/DER handling can be triggered by a crafted UDP packet with empty client name or realm data. The issue causes the KDC to dereference NULL pointers in kdc/kerberos5.c and der_length.c, leading to a seg...
CVE-2004-0434
The CVE-2004-0434 vulnerability is confirmed by connected advisories: in Heimdal kadmind (Kerberos 5 with Kerberos 4 support), a remote attacker can send a Kerberos 4 framing length of less than 2, triggering a heap-based buffer overflow. This affects kadmind components when Kerberos 4 support is...
CVE-2017-6594
The CVE-2017-6594 issue affects the Heimdal Kerberos 5 implementation: the transit path validation code before 7.3 may bypass the capath policy by failing to add the previous hop realm to the transit path of issued tickets. This could allow attackers to bypass capath protections (impact described...