Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
heimdal vulnerabilities and exploits
(subscribe to this query)
6
CVSSv2
CVE-2018-16860
A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and ...
Samba Samba
Heimdal Project Heimdal
5.8
CVSSv2
CVE-2019-12098
In the client side of Heimdal prior to 7.6.0, failure to verify anonymous PKINIT PA-PKINIT-KX key exchange permits a man-in-the-middle attack. This issue is in krb5_init_creds_step in lib/krb5/init_creds_pw.c.
Heimdal Project Heimdal
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Debian Debian Linux 9.0
5
CVSSv2
CVE-2017-17439
In Heimdal up to and including 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation...
Debian Debian Linux 9.0
Heimdal Project Heimdal
5
CVSSv2
CVE-2017-6594
The transit path validation code in Heimdal prior to 7.3 might allow malicious users to bypass the capath policy protection mechanism by leveraging failure to add the previous hop realm to the transit path of issued tickets.
Heimdal Project Heimdal
Opensuse Leap 42.2
Opensuse Leap 42.3
5
CVSSv2
CVE-2014-1316
Heimdal, as used in Apple OS X up to and including 10.9.2, allows remote malicious users to cause a denial of service (abort and daemon exit) via ASN.1 data encountered in the Kerberos 5 protocol.
Apple Mac Os X 10.9.1
Apple Mac Os X
Apple Mac Os X 10.9
5
CVSSv2
CVE-2005-2040
Multiple buffer overflows in the getterminaltype function in telnetd for Heimdal prior to 0.6.5 may allow remote malicious users to execute arbitrary code, a different vulnerability than CVE-2005-0468 and CVE-2005-0469.
Telnetd Telnetd 0.4c
Telnetd Telnetd 0.4d
Telnetd Telnetd 0.4e
Telnetd Telnetd 0.5.0
Telnetd Telnetd 0.6.1
Telnetd Telnetd 0.6.2
Telnetd Telnetd 0.4a
Telnetd Telnetd 0.5.2
Telnetd Telnetd 0.6
Telnetd Telnetd 0.3f
Telnetd Telnetd 0.4b
Telnetd Telnetd 0.5.1
Telnetd Telnetd 0.5.3
5
CVSSv2
CVE-2004-0371
Heimdal 0.6.x prior to 0.6.1 and 0.5.x prior to 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path.
Kth Heimdal 0.4b
Kth Heimdal 0.4c
Kth Heimdal 0.5.1
Kth Heimdal 0.5.2
Kth Heimdal 0.4d
Kth Heimdal 0.4e
Kth Heimdal 0.5
Kth Heimdal 0.4a
Kth Heimdal 0.6.0
5
CVSSv2
CVE-2002-1146
The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and previous versions, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual bo...
Gnu Glibc
5
CVSSv2
CVE-2001-1443
KTH Kerberos IV and Kerberos V (Heimdal) for Telnet clients do not encrypt connections if the server does not support the requested encryption, which allows remote malicious users to read communications via a man-in-the-middle attack.
Kth Kth Kerberos 4
Kth Kth Kerberos 5
4.6
CVSSv2
CVE-2018-5349
A vulnerability has been found in Heimdal PRO v2.2.190, but it is most likely also present in Heimdal FREE and Heimdal CORP. Faulty permissions on the directory "C:\ProgramData\Heimdal Security\Heimdal Agent" allow BUILTIN\Users to write new files to the directory. On s...
Heimdalsecurity Heimdal 2.2.190
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »