Heimdal Project Heimdal 7.7.0

CPE Details

Heimdal Project Heimdal 7.7.0
7.7.0
2019-09-10
13h16 +00:00
2019-09-10
13h16 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:heimdal_project:heimdal:7.7.0:*:*:*:*:*:*:*

Informations

Vendor

heimdal_project

Product

heimdal

Version

7.7.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-3116 2023-03-27 00h00 +00:00 The Heimdal Software Kerberos 5 implementation is vulnerable to a null pointer dereferance. An attacker with network access to an application that depends on the vulnerable code path can cause the application to crash.
7.5
High
CVE-2021-44758 2022-12-26 00h00 +00:00 Heimdal before 7.7.1 allows attackers to cause a NULL pointer dereference in a SPNEGO acceptor via a preferred_mech_type of GSS_C_NO_OID and a nonzero initial_response value to send_accept.
7.5
High
CVE-2022-42898 2022-12-24 23h00 +00:00 PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."
8.8
High
CVE-2022-44640 2022-12-24 23h00 +00:00 Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC).
9.8
Critical
CVE-2022-41916 2022-11-14 23h00 +00:00 Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerable to a denial of service vulnerability in Heimdal's PKI certificate validation library, affecting the KDC (via PKINIT) and kinit (via PKINIT), as well as any third-party applications using Heimdal's libhx509. Users should upgrade to Heimdal 7.7.1 or 7.8. There are no known workarounds for this issue.
7.5
High