Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
heimdal vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-0371
Heimdal 0.6.x prior to 0.6.1 and 0.5.x prior to 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path.
Kth Heimdal 0.4b
Kth Heimdal 0.4c
Kth Heimdal 0.5.1
Kth Heimdal 0.5.2
Kth Heimdal 0.4d
Kth Heimdal 0.4e
Kth Heimdal 0.5
Kth Heimdal 0.4a
Kth Heimdal 0.6.0
NA
CVE-2006-0582
Unspecified vulnerability in rshd in Heimdal 0.6.x prior to 0.6.6 and 0.7.x prior to 0.7.2, when storing forwarded credentials, allows malicious users to overwrite arbitrary files and change file ownership via unknown vectors.
Kth Heimdal 0.6.2
Kth Heimdal 0.6.3
Kth Heimdal 0.6.1
Kth Heimdal 0.7.1.2
Kth Heimdal 0.7.1.3
Kth Heimdal 0.6.4
Kth Heimdal 0.6.5
Kth Heimdal 0.7.1
Kth Heimdal 0.7.1.1
NA
CVE-2006-0677
telnetd in Heimdal 0.6.x prior to 0.6.6 and 0.7.x prior to 0.7.2 allows remote unauthenticated malicious users to cause a denial of service (server crash) via unknown vectors that trigger a null dereference.
Kth Heimdal 0.7.1
Kth Heimdal 0.7.1.1
Kth Heimdal 0.6.1
Kth Heimdal 0.7.1.2
Kth Heimdal 0.7.1.3
Kth Heimdal 0.6.4
Kth Heimdal 0.6.5
Kth Heimdal 0.6.2
Kth Heimdal 0.6.3
7.5
CVSSv3
CVE-2022-45142
The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches (and possibly other branch...
Heimdal Project Heimdal 7.8.0
Heimdal Project Heimdal 7.7.1
NA
CVE-2002-1226
Unknown vulnerabilities in Heimdal prior to 0.5 with unknown impact, possibly in the (1) kadmind and (2) kdc servers, may allow remote or local malicious users to gain root or other access, but not via buffer overflows (CVE-2002-1225).
Kth Heimdal 0.4b
Kth Heimdal 0.4c
Kth Heimdal 0.3e
Kth Heimdal 0.4a
Kth Heimdal 0.4d
Kth Heimdal 0.4e
NA
CVE-2002-1225
Multiple buffer overflows in Heimdal prior to 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote malicious users to gain root access.
Kth Heimdal 0.4a
Kth Heimdal 0.4b
Kth Heimdal 0.3e
Kth Heimdal 0.4c
Kth Heimdal 0.4d
Kth Heimdal 0.4e
7.5
CVSSv3
CVE-2021-44758
Heimdal prior to 7.7.1 allows malicious users to cause a NULL pointer dereference in a SPNEGO acceptor via a preferred_mech_type of GSS_C_NO_OID and a nonzero initial_response value to send_accept.
Heimdal Project Heimdal
NA
CVE-2007-5939
The gss_userok function in appl/ftp/ftpd/gss_userok.c in Heimdal 0.7.2 does not allocate memory for the ticketfile pointer before calling free, which allows remote malicious users to have an unknown impact via an invalid username. NOTE: the vulnerability was originally reported f...
Heimdal Heimdal 0.7.2
7.5
CVSSv3
CVE-2022-3116
The Heimdal Software Kerberos 5 implementation is vulnerable to a null pointer dereferance. An attacker with network access to an application that depends on the vulnerable code path can cause the application to crash.
Heimdal Project Heimdal
7.5
CVSSv3
CVE-2018-16860
A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and ...
Samba Samba
Heimdal Project Heimdal
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298
CVE-2024-20356
CVE-2023-21987
CVE-2024-33217
bypass
CVE-2024-31804
CVE-2024-32660
unauthorized
SSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »