Page 4 of 20 results (0.009 seconds)

CVSS: 10.0EPSS: 5%CPEs: 2EXPL: 0

k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow. k5admind (kadmind) de Heimdal permite a atacantes remotos ejecutar código arbitrario mediante una petición de administración de Kerberos 4 con longitud de marco menor de 2, lo que conduce a un desbordameinte de búfer basado en el montón. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:09.kadmind.asc http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020998.html http://marc.info/?l=bugtraq&m=108386148126457&w=2 http://security.gentoo.org/glsa/glsa-200405-23.xml http://www.debian.org/security/2004/dsa-504 https://exchange.xforce.ibmcloud.com/vulnerabilities/16071 • CWE-131: Incorrect Calculation of Buffer Size •

CVSS: 5.0EPSS: 0%CPEs: 9EXPL: 0

Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path. Heimdal 0.6.x anteriores a 0.6.1 y 0.5.x anteriores a 0.5.3 no realiza adecuadamente ciertas comprobaciones de consistencia de peticiones entre reinos, lo que permite a atacantes remotos con control de un reino impersonar a otros en la ruta de confianza entre reinos. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:08.heimdal.asc ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/009_kerberos.patch http://security.gentoo.org/glsa/glsa-200404-09.xml http://www.debian.org/security/2004/dsa-476 http://www.pdc.kth.se/heimdal/advisory/2004-04-01 https://exchange.xforce.ibmcloud.com/vulnerabilities/15701 •

CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0

Unknown vulnerabilities in Heimdal before 0.5 with unknown impact, possibly in the (1) kadmind and (2) kdc servers, may allow remote or local attackers to gain root or other access, but not via buffer overflows (CVE-2002-1225). • http://marc.info/?l=bugtraq&m=103341355708817&w=2 http://marc.info/?l=bugtraq&m=103462479621246&w=2 http://www.debian.org/security/2002/dsa-178 •

CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0

Multiple buffer overflows in Heimdal before 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote attackers to gain root access. • http://marc.info/?l=bugtraq&m=103341355708817&w=2 http://marc.info/?l=bugtraq&m=103462479621246&w=2 http://www.debian.org/security/2002/dsa-178 http://www.iss.net/security_center/static/10116.php http://www.securityfocus.com/bid/5729 •

CVSS: 7.2EPSS: 0%CPEs: 13EXPL: 0

Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them. Kerberos 5 su (k5su) en FreeBSD 4.4 y anteriores se basa en la llamada al sistema getlogin para determinar si el usuario que esta ejecutando k5su es root, lo cual podría permitir a procesos sin privilegios, la obtención de permisos si ese proceso tiene un getlogin como root. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:07.k5su.asc http://www.iss.net/security_center/static/7956.php http://www.securityfocus.com/bid/3919 •