Heimdal Project Heimdal vulnerabilities

26 known vulnerabilities affecting heimdal_project/heimdal.

Total CVEs: 26
CISA KEV: 0
Public exploits: 1
Exploited in wild: 1
Severity breakdown: CRITICAL 6, HIGH 14, MEDIUM 5, LOW 1

Vulnerabilities

Page 2 of 2
CVE-2004-0434 | CRITICAL | CVSS 9.8 | fixed in 0.6.2 | 2004-07-07
CVE-2004-0434 [CRITICAL] CWE-131: k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow.
nvd, osv
CVE-2004-0371 | MEDIUM | CVSS 5.0 | ≥ 0, < 0.6.1-1 | 2004-05-04
CVE-2004-0371 [MEDIUM]: Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path.
osv
CVE-2003-0138 | HIGH | CVSS 7.5 | ≥ 0, < 0.5.2-1 | 2003-03-24
CVE-2003-0138 [HIGH]: Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a chosen-plaintext attack.
osv
CVE-2002-1235 | CRITICAL | CVSS 10.0 | ≥ 0, < 0.4e-22 | 2002-11-04
CVE-2002-1235 [CRITICAL]: The kadm_ser_in function in (1) the Kerberos v4 compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and earlier, (2) kadmind in KTH Kerberos 4 (eBones) before 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) before 0.5.1 when compiled with Kerberos 4 support, does not properly verify the lengt
osv
CVE-2002-1225 | CRITICAL | CVSS 10.0 | ≥ 0, < 0.4e-21 | 2002-10-28
CVE-2002-1225 [CRITICAL]: Multiple buffer overflows in Heimdal before 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote attackers to gain root access.
osv
CVE-2002-1226 | CRITICAL | CVSS 10.0 | ≥ 0, < 0.4e-21 | 2002-10-28
CVE-2002-1226 [CRITICAL]: Unknown vulnerabilities in Heimdal before 0.5 with unknown impact, possibly in the (1) kadmind and (2) kdc servers, may allow remote or local attackers to gain root or other access, but not via buffer overflows (CVE-2002-1225).
osv