CPE-465B5E82-0671-402C-B89F-D21298A29747 Detail

CPE Details

Heimdal Project Heimdal 7.5.0

Vendor

heimdal_project

Product

heimdal

Version

7.5.0

Created

2017-12-22
18h06 +00:00

Modified

2017-12-22
18h06 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:heimdal_project:heimdal:7.5.0:::::::*

Informations

Vendor

heimdal_project

Product

heimdal

Version

7.5.0

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2022-3116	2023-03-27 00h00 +00:00	The Heimdal Software Kerberos 5 implementation is vulnerable to a null pointer dereferance. An attacker with network access to an application that depends on the vulnerable code path can cause the application to crash.	7.5	High
CVE-2021-44758	2022-12-26 00h00 +00:00	Heimdal before 7.7.1 allows attackers to cause a NULL pointer dereference in a SPNEGO acceptor via a preferred_mech_type of GSS_C_NO_OID and a nonzero initial_response value to send_accept.	7.5	High
CVE-2022-42898	2022-12-24 23h00 +00:00	PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."	8.8	High
CVE-2022-44640	2022-12-24 23h00 +00:00	Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC).	9.8	Critical
CVE-2022-41916	2022-11-14 23h00 +00:00	Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerable to a denial of service vulnerability in Heimdal's PKI certificate validation library, affecting the KDC (via PKINIT) and kinit (via PKINIT), as well as any third-party applications using Heimdal's libhx509. Users should upgrade to Heimdal 7.7.1 or 7.8. There are no known workarounds for this issue.	7.5	High
CVE-2018-16860	2019-07-31 12h38 +00:00	A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and replace the user name (principal) in the request with any desired user name (principal) that exists in the KDC effectively obtaining a ticket for that principal.	7.5	High
CVE-2019-12098	2019-05-15 20h41 +00:00	In the client side of Heimdal before 7.6.0, failure to verify anonymous PKINIT PA-PKINIT-KX key exchange permits a man-in-the-middle attack. This issue is in krb5_init_creds_step in lib/krb5/init_creds_pw.c.	7.4	High

Heimdal Project Heimdal 7.5.0

CPE Details

CPE Name: cpe:2.3:a:heimdal_project:heimdal:7.5.0:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:heimdal_project:heimdal:7.5.0:::::::*