6 matches found
CVE-2006-0582
CVE-2006-0582 affects Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2. In rshd, when storing forwarded credentials, an attacker can overwrite arbitrary files and change file ownership via unknown vectors. This is a local‑impact vulnerability with low CVSS base score (2.1) per the NVD data, and ...
CVE-2006-0677
CVE-2006-0677 affects Heimdal telnetd (0.6.x before 0.6.6 and 0.7.x before 0.7.2). A remote attacker can cause a denial-of-service by triggering a null dereference in the telnet server, crashing inetd or the service before user login. Affected advisories reference Heimdal telnetd vulnerability an...
CVE-2002-1226
CVE-2002-1226 refers to unknown vulnerabilities in Heimdal prior to 0.5, potentially affecting the kadmind and kdc servers, with the impact described as gaining root or other access but not due to buffer overflows (distinct from CVE-2002-1225). Connected sources identify Debian/Debian-based advis...
CVE-2002-1225
CVE-2002-1225 and CVE-2002-1226 pertain to multiple buffer overflows in Heimdal prior to 0.5, likely affecting kadmind and kdc servers, which may allow remote root access. Public sources (NVD, Debian DSA) describe remote exploitation risk and indicate fixes/upgrades in Debian (DSA-178-1) and rela...
CVE-2002-0754
Affected software : Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier. Vulnerability : k5su relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them. Impact : potential privilege e...
CVE-2004-0371
CVE-2004-0371 affects Heimdal Kerberos implementations prior to fixed versions (0.6.1 and 0.5.x vulnerable ranges). The issue is incorrect validation of cross-realm trust paths, i.e., missing/insufficient checks of the transited/realm chain, allowing a domain controller or realm host with control...