Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
heimdal vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2006-3083
The (1) krshd and (2) v4rcp applications in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x prior to 1.4.4, when running on Linux and AIX, and (b) Heimdal 0.7.2 and previous versions, do not check return codes for setuid calls, which allows local users to gain privileges by causin...
Heimdal Heimdal 0.7.2
Mit Kerberos 5 1.4.2
Mit Kerberos 5 1.4.3
Mit Kerberos 5 1.4
Mit Kerberos 5 1.4.1
Mit Kerberos 5 1.5
7.2
CVSSv2
CVE-2006-3084
The (1) ftpd and (2) ksu programs in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x prior to 1.4.4, and (b) Heimdal 0.7.2 and previous versions, do not check return codes for setuid calls, which might allow local users to gain privileges by causing setuid to fail to drop privileg...
Mit Kerberos 5 1.5
Heimdal Heimdal
Mit Kerberos 5 1.4
Mit Kerberos 5 1.4.1
Mit Kerberos 5 1.4.2
Mit Kerberos 5 1.4.3
7.8
CVSSv2
CVE-2006-0677
telnetd in Heimdal 0.6.x prior to 0.6.6 and 0.7.x prior to 0.7.2 allows remote unauthenticated malicious users to cause a denial of service (server crash) via unknown vectors that trigger a null dereference.
Kth Heimdal 0.7.1
Kth Heimdal 0.7.1.1
Kth Heimdal 0.6.1
Kth Heimdal 0.7.1.2
Kth Heimdal 0.7.1.3
Kth Heimdal 0.6.4
Kth Heimdal 0.6.5
Kth Heimdal 0.6.2
Kth Heimdal 0.6.3
2.1
CVSSv2
CVE-2006-0582
Unspecified vulnerability in rshd in Heimdal 0.6.x prior to 0.6.6 and 0.7.x prior to 0.7.2, when storing forwarded credentials, allows malicious users to overwrite arbitrary files and change file ownership via unknown vectors.
Kth Heimdal 0.6.2
Kth Heimdal 0.6.3
Kth Heimdal 0.6.1
Kth Heimdal 0.7.1.2
Kth Heimdal 0.7.1.3
Kth Heimdal 0.6.4
Kth Heimdal 0.6.5
Kth Heimdal 0.7.1
Kth Heimdal 0.7.1.1
5
CVSSv2
CVE-2005-2040
Multiple buffer overflows in the getterminaltype function in telnetd for Heimdal prior to 0.6.5 may allow remote malicious users to execute arbitrary code, a different vulnerability than CVE-2005-0468 and CVE-2005-0469.
Telnetd Telnetd 0.4c
Telnetd Telnetd 0.4d
Telnetd Telnetd 0.4e
Telnetd Telnetd 0.5.0
Telnetd Telnetd 0.6.1
Telnetd Telnetd 0.6.2
Telnetd Telnetd 0.4a
Telnetd Telnetd 0.5.2
Telnetd Telnetd 0.6
Telnetd Telnetd 0.3f
Telnetd Telnetd 0.4b
Telnetd Telnetd 0.5.1
Telnetd Telnetd 0.5.3
10
CVSSv2
CVE-2004-0434
k5admind (kadmind) for Heimdal allows remote malicious users to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow.
Heimdal Project Heimdal
Debian Debian Linux 3.0
5
CVSSv2
CVE-2004-0371
Heimdal 0.6.x prior to 0.6.1 and 0.5.x prior to 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path.
Kth Heimdal 0.4b
Kth Heimdal 0.4c
Kth Heimdal 0.5.1
Kth Heimdal 0.5.2
Kth Heimdal 0.4d
Kth Heimdal 0.4e
Kth Heimdal 0.5
Kth Heimdal 0.4a
Kth Heimdal 0.6.0
7.5
CVSSv2
CVE-2003-0138
Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an malicious user to impersonate any principal in a realm via a chosen-plaintext attack.
Mit Kerberos 4
10
CVSSv2
CVE-2002-1235
The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and previous versions, (2) kadmind in KTH Kerberos 4 (eBones) prior to 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) prior to 0.5.1 when comp...
Kth Kth Kerberos 4
Kth Kth Kerberos 5
Mit Kerberos 5
Debian Debian Linux 3.0
10
CVSSv2
CVE-2002-1225
Multiple buffer overflows in Heimdal prior to 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote malicious users to gain root access.
Kth Heimdal 0.4a
Kth Heimdal 0.4b
Kth Heimdal 0.3e
Kth Heimdal 0.4c
Kth Heimdal 0.4d
Kth Heimdal 0.4e
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »