CVSS: 6.8EPSS: 3%CPEs: 4EXPL: 2CVE-2012-6303 – WaveSurfer 1.8.8p4 - Memory Corruption (PoC)
https://notcve.org/view.php?id=CVE-2012-6303
Heap-based buffer overflow in the GetWavHeader function in generic/jkSoundFile.c in the Snack Sound Toolkit, as used in WaveSurfer 1.8.8p4, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large chunk size in a WAV file. Desbordamiento de buffer basado en memoria dinámica en la función GetWavHeader en generic/jkSoundfile.c en Snack Sound Toolkit, usado en WaveSurfer 1.8.8p4, permite a atacantes remotos causar denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de fragmentos de gran tamaño en un fichero WAV. • https://www.exploit-db.com/exploits/19772 http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00034.html http://secunia.com/advisories/49889 http://security.gentoo.org/glsa/glsa-201309-04.xml http://www.exploit-db.com/exploits/19772 http://www.mandriva.com/security/advisories?name=MDVSA-2013:126 http://www.openwall.com/lists/oss-security/2012/12/10/2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 13%CPEs: 9EXPL: 0CVE-2006-0677
https://notcve.org/view.php?id=CVE-2006-0677
telnetd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2 allows remote unauthenticated attackers to cause a denial of service (server crash) via unknown vectors that trigger a null dereference. • http://secunia.com/advisories/18894 http://secunia.com/advisories/18961 http://secunia.com/advisories/19005 http://securityreason.com/securityalert/449 http://www.debian.org/security/2006/dsa-977 http://www.osvdb.org/23244 http://www.securityfocus.com/archive/1/426043/100/0/threaded http://www.securityfocus.com/bid/16676 http://www.stacken.kth.se/lists/heimdal-discuss/2006-02/msg00028.html http://www.ubuntu.com/usn/usn-253-1 http://www.vupen.com/english/advisori •
CVSS: 2.1EPSS: 0%CPEs: 9EXPL: 0CVE-2006-0582
https://notcve.org/view.php?id=CVE-2006-0582
Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing forwarded credentials, allows attackers to overwrite arbitrary files and change file ownership via unknown vectors. Vulnerabilidad no especificada en Heimdal 0.6.x anteriores a 0.6.6 y 0.7.x anteriores a 0.7.2 cuando se almacenan credenciales remitidos, permite a atacantes sobreescribir ficheros de su elección y cambiar la propiedad de los ficheros mediante vectores desconocidos. • http://secunia.com/advisories/18733 http://secunia.com/advisories/18806 http://secunia.com/advisories/18894 http://secunia.com/advisories/19005 http://secunia.com/advisories/19302 http://securitytracker.com/id?1015591 http://www.debian.org/security/2006/dsa-977 http://www.gentoo.org/security/en/glsa/glsa-200603-14.xml http://www.osvdb.org/22986 http://www.pdc.kth.se/heimdal/advisory/2006-02-06 http://www.securityfocus.com/archive/1/426043/100/0/threaded http: •
CVSS: 5.0EPSS: 0%CPEs: 9EXPL: 0CVE-2004-0371
https://notcve.org/view.php?id=CVE-2004-0371
Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path. Heimdal 0.6.x anteriores a 0.6.1 y 0.5.x anteriores a 0.5.3 no realiza adecuadamente ciertas comprobaciones de consistencia de peticiones entre reinos, lo que permite a atacantes remotos con control de un reino impersonar a otros en la ruta de confianza entre reinos. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:08.heimdal.asc ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/009_kerberos.patch http://security.gentoo.org/glsa/glsa-200404-09.xml http://www.debian.org/security/2004/dsa-476 http://www.pdc.kth.se/heimdal/advisory/2004-04-01 https://exchange.xforce.ibmcloud.com/vulnerabilities/15701 •
CVSS: 10.0EPSS: 29%CPEs: 4EXPL: 0CVE-2002-1235
https://notcve.org/view.php?id=CVE-2002-1235
The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and earlier, (2) kadmind in KTH Kerberos 4 (eBones) before 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) before 0.5.1 when compiled with Kerberos 4 support, does not properly verify the length field of a request, which allows remote attackers to execute arbitrary code via a buffer overflow attack. La función kadm_ser en el demonio de administración de compatibildad de Kerberos v4 (kadmind4) en el MIT Kerberos 5 (krb5) krb5-1.2.6 y anteriores kadmind en KTH Kerberos 4 (eBones) anteriores a 1.2.1, y kadmind en KTH Kerberos 5 (Heimdal) anteriores a 0.5.1 compilados con soporte de Kerberos 4, no verifica adecuadamente la longitud de un campo de petición, lo que permite a atacantes remotos ejecutar código arbitrario mediante un ataque de desbordamiento de búfer. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-026.txt.asc http://archives.neohapsis.com/archives/bugtraq/2002-10/0399.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000534 http://marc.info/?l=bugtraq&m=103539530729206&w=2 http://marc.info/?l=bugtraq&m=103564944215101&w=2 http://marc.info/?l=bugtraq&m=103582517126392&w=2 http://marc.info/? •