CVE-2002-1225 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Heimdal

5 documents5 sources

Severity

10.0CRITICALNVD

EPSS

1.5%

top 18.97%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Heimdal Project Heimdal KTH Heimdal

Timeline

PublishedOct 28

Latest updateApr 30

Description

Multiple buffer overflows in Heimdal before 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote attackers to gain root access.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶Debianheimdal_project/heimdal< 0.4e-21+3

▶NVDkth/heimdal6 versions+5

Patches

Patch: www.debian.org ↗Patch: www.securityfocus.com ↗Patch: www.debian.org ↗

🔴Vulnerability Details

GHSA

GHSA-7gh5-g6w7-v7hq: Multiple buffer overflows in Heimdal before 0↗2022-04-30

▶

OSV

CVE-2002-1225: Multiple buffer overflows in Heimdal before 0↗2002-10-28

▶

CVEList

CVE-2002-1225: Multiple buffer overflows in Heimdal before 0↗2002-10-21

▶

📋Vendor Advisories

Debian

CVE-2002-1225: heimdal - Multiple buffer overflows in Heimdal before 0.5, possibly in both the (1) kadmin...↗2002

▶