Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
heimdal vulnerabilities and exploits
(subscribe to this query)
641
VMScore
CVE-2022-24618
Heimdal.Wizard.exe installer in Heimdal Premium Security 2.5.395 and previous versions has insecure permissions, which allows unprivileged local users to elevate privileges to SYSTEM via the "Browse For Folder" window accessible by triggering a "Repair" on the...
Heimdalsecurity Heimdal Premium Security
641
VMScore
CVE-2006-3083
The (1) krshd and (2) v4rcp applications in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x prior to 1.4.4, when running on Linux and AIX, and (b) Heimdal 0.7.2 and previous versions, do not check return codes for setuid calls, which allows local users to gain privileges by causin...
Heimdal Heimdal 0.7.2
Mit Kerberos 5 1.4.2
Mit Kerberos 5 1.4.3
Mit Kerberos 5 1.4
Mit Kerberos 5 1.4.1
Mit Kerberos 5 1.5
641
VMScore
CVE-2006-3084
The (1) ftpd and (2) ksu programs in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x prior to 1.4.4, and (b) Heimdal 0.7.2 and previous versions, do not check return codes for setuid calls, which might allow local users to gain privileges by causing setuid to fail to drop privileg...
Mit Kerberos 5 1.5
Heimdal Heimdal
Mit Kerberos 5 1.4
Mit Kerberos 5 1.4.1
Mit Kerberos 5 1.4.2
Mit Kerberos 5 1.4.3
641
VMScore
CVE-2002-0754
Kerberos 5 su (k5su) in FreeBSD 4.4 and previous versions relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them.
Freebsd Heimdal 0.4e
Kth Heimdal 0.4e
Freebsd Freebsd 4.0
Freebsd Freebsd 4.1
Freebsd Freebsd 4.1.1
Freebsd Freebsd 4.2
Freebsd Freebsd 4.3
Freebsd Freebsd 4.4
625
VMScore
CVE-2009-0360
Russ Allbery pam-krb5 prior to 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configuration file, and then launching...
Eyrie Pam-krb5 3.8
Eyrie Pam-krb5 3.7
Eyrie Pam-krb5 3.0
Eyrie Pam-krb5 2.6
Eyrie Pam-krb5
Eyrie Pam-krb5 3.11
Eyrie Pam-krb5 3.4
Eyrie Pam-krb5 3.3
Eyrie Pam-krb5 2.3
Eyrie Pam-krb5 2.2
Eyrie Pam-krb5 3.10
Eyrie Pam-krb5 3.9
Eyrie Pam-krb5 3.2
Eyrie Pam-krb5 3.1
Eyrie Pam-krb5 2.1
Eyrie Pam-krb5 2.0
Eyrie Pam-krb5 3.6
Eyrie Pam-krb5 3.5
Eyrie Pam-krb5 2.5
Eyrie Pam-krb5 2.4
1 EDB exploit
605
VMScore
CVE-2021-25216
In BIND 9.5.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.11.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if th...
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Isc Bind 9.11.7
Isc Bind 9.11.3
Isc Bind 9.11.6
Isc Bind 9.10.5
Isc Bind 9.11.5
Isc Bind 9.9.3
Isc Bind 9.10.7
Isc Bind 9.11.12
Isc Bind
Isc Bind 9.9.12
Isc Bind 9.9.13
Isc Bind 9.11.8
Isc Bind 9.11.21
Isc Bind 9.11.27
Isc Bind 9.11.29
Isc Bind 9.16.8
Isc Bind 9.16.11
Isc Bind 9.16.13
Siemens Sinec Infrastructure Network Services
Netapp Cloud Backup -
1 Github repository
1 Article
605
VMScore
CVE-2017-11103
Heimdal prior to 7.4 allows remote malicious users to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained ...
Heimdal Project Heimdal
Freebsd Freebsd -
Samba Samba
Apple Mac Os X
Apple Iphone Os
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
605
VMScore
CVE-2015-5913
Heimdal, as used in Apple OS X prior to 10.11, allows remote malicious users to conduct replay attacks against the SMB server via packet data that represents a Kerberos authenticated request.
Apple Mac Os X
571
VMScore
CVE-2019-14870
All Samba versions 4.x.x prior to 4.9.17, 4.10.x prior to 4.10.11 and 4.11.x prior to 4.11.3 have an issue, where the S4U (MS-SFU) Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self o...
Samba Samba
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
570
VMScore
CVE-2019-8351
Heimdal Thor Agent 2.5.17x prior to 2.5.173 does not verify X.509 certificates from TLS servers, which allows remote malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Heimdalsecurity Thor 2.5.170
Heimdalsecurity Thor 2.5.171
Heimdalsecurity Thor 2.5.172
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »