Search Results
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:heimdal_project:heimdal:7.7.0:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2022-3116 | The Heimdal Software Kerberos 5 implementation is vulnerable to a null pointer dereference. An attacker with network access to an application that depends on the vulnerable code path can cause the application to crash. Published: March 27, 2023; 6:15:11 PM -0400 | V3.1: 7.5 HIGH; V2.0: (not available) |
CVE-2021-44758 | Heimdal before 7.7.1 allows attackers to cause a NULL pointer dereference in a SPNEGO acceptor via a preferred_mech_type of GSS_C_NO_OID and a nonzero initial_response value to send_accept. Published: December 26, 2022; 12:15:10 AM -0500 | V3.1: 7.5 HIGH; V2.0: (not available) |
CVE-2022-42898 | PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug." Published: December 25, 2022; 1:15:09 AM -0500 | V3.1: 8.8 HIGH; V2.0: (not available) |
CVE-2022-44640 | Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC). Published: December 25, 2022; 12:15:11 AM -0500 | V3.1: 9.8 CRITICAL; V2.0: (not available) |
CVE-2022-41916 | Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerable to a denial of service vulnerability in Heimdal's PKI certificate validation library, affecting the KDC (via PKINIT) and kinit (via PKINIT), as well as any third-party applications using Heimdal's libhx509. Users should upgrade to Heimdal 7.7.1 or 7.8. There are no known workarounds for this issue. Published: November 15, 2022; 6:15:27 PM -0500 | V3.1: 7.5 HIGH; V2.0: (not available) |