Heimdal Project Heimdal vulnerabilities
26 known vulnerabilities affecting heimdal_project/heimdal.
Total CVEs: 26
CISA KEV: 0
Public exploits: 1
Exploited in wild: 2
Severity breakdown: CRITICAL 6, HIGH 14, MEDIUM 5, LOW 1
Vulnerabilities
Page 2 of 2
CVE-2002-1226 | P4 | CRITICAL | CVSS 10.0 | ≥ 0, < 0.4e-21 | 2002-10-28
Unknown vulnerabilities in Heimdal before 0.5 with unknown impact, possibly in the (1) kadmind and (2) kdc servers, may allow remote or local attackers to gain root or other access, but not via buffer overflows (CVE-2002-1225).
osv
CVE-2006-0677 | P4 | HIGH | CVSS 7.8 | ≥ 0, < 0.7.2-1 | 2006-02-14
telnetd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2 allows remote unauthenticated attackers to cause a denial of service (server crash) via unknown vectors that trigger a null dereference.
osv
CVE-2003-0138 | P4 | HIGH | CVSS 7.5 | ≥ 0, < 0.5.2-1 | 2003-03-24
Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a chosen-plaintext attack.
osv
CVE-2005-2040 | P4 | HIGH | CVSS 7.5 | ≥ 0, < 0.6.3-11 | 2005-06-20
Multiple buffer overflows in the getterminaltype function in telnetd for Heimdal before 0.6.5 may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2005-0468 and CVE-2005-0469.
osv
CVE-2004-0371 | P4 | MEDIUM | CVSS 5.0 | ≥ 0, < 0.6.1-1 | 2004-05-04
Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path.
osv
CVE-2006-0582 | P4 | LOW | CVSS 2.1 | ≥ 0, < 0.7.2-1 | 2006-02-08
Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing forwarded credentials, allows attackers to overwrite arbitrary files and change file ownership via unknown vectors.
osv