Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
heimdal heimdal vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-0582
Unspecified vulnerability in rshd in Heimdal 0.6.x prior to 0.6.6 and 0.7.x prior to 0.7.2, when storing forwarded credentials, allows malicious users to overwrite arbitrary files and change file ownership via unknown vectors.
Kth Heimdal 0.6.2
Kth Heimdal 0.6.3
Kth Heimdal 0.6.1
Kth Heimdal 0.7.1.2
Kth Heimdal 0.7.1.3
Kth Heimdal 0.6.4
Kth Heimdal 0.6.5
Kth Heimdal 0.7.1
Kth Heimdal 0.7.1.1
NA
CVE-2006-0677
telnetd in Heimdal 0.6.x prior to 0.6.6 and 0.7.x prior to 0.7.2 allows remote unauthenticated malicious users to cause a denial of service (server crash) via unknown vectors that trigger a null dereference.
Kth Heimdal 0.7.1
Kth Heimdal 0.7.1.1
Kth Heimdal 0.6.1
Kth Heimdal 0.7.1.2
Kth Heimdal 0.7.1.3
Kth Heimdal 0.6.4
Kth Heimdal 0.6.5
Kth Heimdal 0.6.2
Kth Heimdal 0.6.3
NA
CVE-2004-0371
Heimdal 0.6.x prior to 0.6.1 and 0.5.x prior to 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path.
Kth Heimdal 0.4b
Kth Heimdal 0.4c
Kth Heimdal 0.5.1
Kth Heimdal 0.5.2
Kth Heimdal 0.4d
Kth Heimdal 0.4e
Kth Heimdal 0.5
Kth Heimdal 0.4a
Kth Heimdal 0.6.0
7.5
CVSSv3
CVE-2022-45142
The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches (and possibly other branch...
Heimdal Project Heimdal 7.8.0
Heimdal Project Heimdal 7.7.1
NA
CVE-2002-1226
Unknown vulnerabilities in Heimdal prior to 0.5 with unknown impact, possibly in the (1) kadmind and (2) kdc servers, may allow remote or local malicious users to gain root or other access, but not via buffer overflows (CVE-2002-1225).
Kth Heimdal 0.4b
Kth Heimdal 0.4c
Kth Heimdal 0.3e
Kth Heimdal 0.4a
Kth Heimdal 0.4d
Kth Heimdal 0.4e
NA
CVE-2002-1225
Multiple buffer overflows in Heimdal prior to 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote malicious users to gain root access.
Kth Heimdal 0.4a
Kth Heimdal 0.4b
Kth Heimdal 0.3e
Kth Heimdal 0.4c
Kth Heimdal 0.4d
Kth Heimdal 0.4e
7.5
CVSSv3
CVE-2022-3116
The Heimdal Software Kerberos 5 implementation is vulnerable to a null pointer dereferance. An attacker with network access to an application that depends on the vulnerable code path can cause the application to crash.
Heimdal Project Heimdal
7.5
CVSSv3
CVE-2021-44758
Heimdal prior to 7.7.1 allows malicious users to cause a NULL pointer dereference in a SPNEGO acceptor via a preferred_mech_type of GSS_C_NO_OID and a nonzero initial_response value to send_accept.
Heimdal Project Heimdal
NA
CVE-2007-5939
The gss_userok function in appl/ftp/ftpd/gss_userok.c in Heimdal 0.7.2 does not allocate memory for the ticketfile pointer before calling free, which allows remote malicious users to have an unknown impact via an invalid username. NOTE: the vulnerability was originally reported f...
Heimdal Heimdal 0.7.2
9.8
CVSSv3
CVE-2022-44640
Heimdal prior to 7.7.1 allows remote malicious users to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC).
Heimdal Project Heimdal
Samba Samba
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »