CVE Tools

heimdal project

Security Productscommercial

5

Cumulative CVEs

3

Monthly snapshots

#29

Peak rank

Top products

Latest CVEs

The 13 most recently published vulnerabilities affecting heimdal project.

CVE-2022-3116The Heimdal Software Kerberos 5 implementation is vulnerable to a null pointer dereferance. An attacker with network access to an application that depends on the vulnerable code path can cause the ...7.5Mar 27, 2023
CVE-2022-45142The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported t...7.5Mar 6, 2023
CVE-2021-44758Heimdal before 7.7.1 allows attackers to cause a NULL pointer dereference in a SPNEGO acceptor via a preferred_mech_type of GSS_C_NO_OID and a nonzero initial_response value to send_accept.7.5Dec 26, 2022
CVE-2022-44640Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC).9.8Dec 25, 2022
CVE-2022-42898PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application serve...8.8Dec 25, 2022
CVE-2022-41916Read one byte past a buffer when normalizing Unicode5.9Nov 15, 2022
CVE-2018-16860A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in th...7.5Jul 31, 2019
CVE-2019-12098In the client side of Heimdal before 7.6.0, failure to verify anonymous PKINIT PA-PKINIT-KX key exchange permits a man-in-the-middle attack. This issue is in krb5_init_creds_step in lib/krb5/init_c...7.4May 15, 2019
CVE-2017-17439In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditio...7.5Dec 6, 2017
CVE-2017-6594The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath policy protection mechanism by leveraging failure to add the previous hop realm to the transit path...7.5Aug 28, 2017
CVE-2017-11103Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification...8.1Jul 13, 2017
CVE-2011-4862Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and po...10.0Dec 25, 2011
CVE-2004-0434k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-bas...9.8May 12, 2004