Search criteria
18 vulnerabilities found for heimdal by kth
FKIE_CVE-2006-0677
Vulnerability from fkie_nvd - Published: 2006-02-14 11:06 - Updated: 2025-04-03 01:03
Severity ?
Summary
telnetd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2 allows remote unauthenticated attackers to cause a denial of service (server crash) via unknown vectors that trigger a null dereference.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kth:heimdal:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F1CE868-E352-422A-BC84-94A6781D7119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4940AAA1-A24F-46CC-B6EA-AE501D6AADE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "603FCBB1-D450-4F34-A391-5C629294F3F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5956639B-01FC-44C7-8CA9-1A7F5805C029",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "127A27A4-D022-468C-9389-7D571D4E1901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "25DE2636-A566-4E90-BA21-E50B5505C79F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C375B952-22B2-4D90-A80F-FCC5C394BFA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "08DF5422-8DB9-427F-BDFB-D8C667366F08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "237363DB-8160-4B5D-B15E-F3D380C31251",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "telnetd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2 allows remote unauthenticated attackers to cause a denial of service (server crash) via unknown vectors that trigger a null dereference."
}
],
"id": "CVE-2006-0677",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-02-14T11:06:00.000",
"references": [
{
"source": "security@debian.org",
"url": "http://secunia.com/advisories/18894"
},
{
"source": "security@debian.org",
"url": "http://secunia.com/advisories/18961"
},
{
"source": "security@debian.org",
"url": "http://secunia.com/advisories/19005"
},
{
"source": "security@debian.org",
"url": "http://securityreason.com/securityalert/449"
},
{
"source": "security@debian.org",
"url": "http://www.debian.org/security/2006/dsa-977"
},
{
"source": "security@debian.org",
"url": "http://www.osvdb.org/23244"
},
{
"source": "security@debian.org",
"url": "http://www.securityfocus.com/archive/1/426043/100/0/threaded"
},
{
"source": "security@debian.org",
"url": "http://www.securityfocus.com/bid/16676"
},
{
"source": "security@debian.org",
"tags": [
"Patch"
],
"url": "http://www.stacken.kth.se/lists/heimdal-discuss/2006-02/msg00028.html"
},
{
"source": "security@debian.org",
"url": "http://www.ubuntu.com/usn/usn-253-1"
},
{
"source": "security@debian.org",
"url": "http://www.vupen.com/english/advisories/2006/0456"
},
{
"source": "security@debian.org",
"url": "http://www.vupen.com/english/advisories/2006/0628"
},
{
"source": "security@debian.org",
"url": "http://www.vupen.com/english/advisories/2006/0653"
},
{
"source": "security@debian.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18894"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/449"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-977"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/23244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/426043/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16676"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.stacken.kth.se/lists/heimdal-discuss/2006-02/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-253-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/0456"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/0628"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/0653"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24763"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-0582
Vulnerability from fkie_nvd - Published: 2006-02-08 01:02 - Updated: 2025-04-03 01:03
Severity ?
Summary
Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing forwarded credentials, allows attackers to overwrite arbitrary files and change file ownership via unknown vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kth:heimdal:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F1CE868-E352-422A-BC84-94A6781D7119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4940AAA1-A24F-46CC-B6EA-AE501D6AADE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "603FCBB1-D450-4F34-A391-5C629294F3F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5956639B-01FC-44C7-8CA9-1A7F5805C029",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "127A27A4-D022-468C-9389-7D571D4E1901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "25DE2636-A566-4E90-BA21-E50B5505C79F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C375B952-22B2-4D90-A80F-FCC5C394BFA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "08DF5422-8DB9-427F-BDFB-D8C667366F08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "237363DB-8160-4B5D-B15E-F3D380C31251",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing forwarded credentials, allows attackers to overwrite arbitrary files and change file ownership via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Heimdal 0.6.x anteriores a 0.6.6 y 0.7.x anteriores a 0.7.2 cuando se almacenan credenciales remitidos, permite a atacantes sobreescribir ficheros de su elecci\u00f3n y cambiar la propiedad de los ficheros mediante vectores desconocidos."
}
],
"id": "CVE-2006-0582",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-02-08T01:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18733"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18806"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18894"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19005"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19302"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015591"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-977"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-14.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/22986"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.pdc.kth.se/heimdal/advisory/2006-02-06/"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/426043/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/16524"
},
{
"source": "cve@mitre.org",
"url": "http://www.stacken.kth.se/lists/heimdal-discuss/2006-02/msg00028.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-253-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/0456"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/0628"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24532"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/247-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18733"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18806"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18894"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015591"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-977"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-14.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/22986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.pdc.kth.se/heimdal/advisory/2006-02-06/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/426043/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/16524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.stacken.kth.se/lists/heimdal-discuss/2006-02/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-253-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/0456"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/0628"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24532"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/247-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2004-0371
Vulnerability from fkie_nvd - Published: 2004-05-04 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kth:heimdal:0.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "10627869-B21D-4EC6-B574-D6433D169940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.4b:*:*:*:*:*:*:*",
"matchCriteriaId": "81AA2047-51E1-4D8C-B6CA-B2DB05D37480",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.4c:*:*:*:*:*:*:*",
"matchCriteriaId": "434B4406-0B3A-4E7A-94D7-9E9ED63D7101",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.4d:*:*:*:*:*:*:*",
"matchCriteriaId": "C752AE86-36DE-47C9-8AA6-2242918228B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.4e:*:*:*:*:*:*:*",
"matchCriteriaId": "D034C52F-7D52-427B-A803-97ABD587306D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "449DDE8E-2C1D-423B-B66F-64DDFB1A61F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9FBB280F-FD42-4B0F-9E40-2E21AB76EFAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7C97EBE9-0A39-4EFE-B95C-C7813CE68389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5803F2FB-7C3D-40E9-BC30-DC66A7A600F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path."
},
{
"lang": "es",
"value": "Heimdal 0.6.x anteriores a 0.6.1 y 0.5.x anteriores a 0.5.3 no realiza adecuadamente ciertas comprobaciones de consistencia de peticiones entre reinos, lo que permite a atacantes remotos con control de un reino impersonar a otros en la ruta de confianza entre reinos."
}
],
"id": "CVE-2004-0371",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-05-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:08.heimdal.asc"
},
{
"source": "cve@mitre.org",
"url": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/009_kerberos.patch"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200404-09.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-476"
},
{
"source": "cve@mitre.org",
"url": "http://www.pdc.kth.se/heimdal/advisory/2004-04-01/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15701"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:08.heimdal.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/009_kerberos.patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200404-09.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.pdc.kth.se/heimdal/advisory/2004-04-01/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15701"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2002-1226
Vulnerability from fkie_nvd - Published: 2002-10-28 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Unknown vulnerabilities in Heimdal before 0.5 with unknown impact, possibly in the (1) kadmind and (2) kdc servers, may allow remote or local attackers to gain root or other access, but not via buffer overflows (CVE-2002-1225).
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kth:heimdal:0.3e:*:*:*:*:*:*:*",
"matchCriteriaId": "DD9C2DCA-9DA0-4364-B5A4-BC30C8A0BB58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "10627869-B21D-4EC6-B574-D6433D169940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.4b:*:*:*:*:*:*:*",
"matchCriteriaId": "81AA2047-51E1-4D8C-B6CA-B2DB05D37480",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.4c:*:*:*:*:*:*:*",
"matchCriteriaId": "434B4406-0B3A-4E7A-94D7-9E9ED63D7101",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.4d:*:*:*:*:*:*:*",
"matchCriteriaId": "C752AE86-36DE-47C9-8AA6-2242918228B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.4e:*:*:*:*:*:*:*",
"matchCriteriaId": "D034C52F-7D52-427B-A803-97ABD587306D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerabilities in Heimdal before 0.5 with unknown impact, possibly in the (1) kadmind and (2) kdc servers, may allow remote or local attackers to gain root or other access, but not via buffer overflows (CVE-2002-1225)."
}
],
"id": "CVE-2002-1226",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-28T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103341355708817\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103462479621246\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2002/dsa-178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103341355708817\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103462479621246\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2002/dsa-178"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2002-1225
Vulnerability from fkie_nvd - Published: 2002-10-28 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Multiple buffer overflows in Heimdal before 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote attackers to gain root access.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kth:heimdal:0.3e:*:*:*:*:*:*:*",
"matchCriteriaId": "DD9C2DCA-9DA0-4364-B5A4-BC30C8A0BB58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "10627869-B21D-4EC6-B574-D6433D169940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.4b:*:*:*:*:*:*:*",
"matchCriteriaId": "81AA2047-51E1-4D8C-B6CA-B2DB05D37480",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.4c:*:*:*:*:*:*:*",
"matchCriteriaId": "434B4406-0B3A-4E7A-94D7-9E9ED63D7101",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.4d:*:*:*:*:*:*:*",
"matchCriteriaId": "C752AE86-36DE-47C9-8AA6-2242918228B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.4e:*:*:*:*:*:*:*",
"matchCriteriaId": "D034C52F-7D52-427B-A803-97ABD587306D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Heimdal before 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote attackers to gain root access."
}
],
"id": "CVE-2002-1225",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-28T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103341355708817\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103462479621246\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2002/dsa-178"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10116.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5729"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103341355708817\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103462479621246\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2002/dsa-178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10116.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5729"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2002-0754
Vulnerability from fkie_nvd - Published: 2002-08-12 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:07.k5su.asc | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.iss.net/security_center/static/7956.php | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/3919 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:07.k5su.asc | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/7956.php | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/3919 | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freebsd:heimdal:0.4e:*:*:*:*:*:*:*",
"matchCriteriaId": "01C49637-6EB4-4842-B331-67F01C48B686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kth:heimdal:0.4e:*:*:*:*:*:*:*",
"matchCriteriaId": "D034C52F-7D52-427B-A803-97ABD587306D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A585A1-FF82-418F-90F8-072458DB7816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE31DFF8-06AB-489D-A0C5-509C090283B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE1E3D8-2BB1-4FFA-9BC9-7AF347D26190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:release:*:*:*:*:*:*",
"matchCriteriaId": "1E8A6564-129A-4555-A5ED-6F65C56AE7B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:stable:*:*:*:*:*:*",
"matchCriteriaId": "237174A4-E030-4A0B-AD0B-5C463603EAA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DF49BF03-C25E-4737-84D5-892895C86C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.2:stable:*:*:*:*:*:*",
"matchCriteriaId": "5D7F8F11-1869-40E2-8478-28B4E946D3CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2019E0E-426B-43AF-8904-1B811AE171E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:release:*:*:*:*:*:*",
"matchCriteriaId": "9062BAB5-D437-49BE-A384-39F62434B70B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:stable:*:*:*:*:*:*",
"matchCriteriaId": "6E53C673-9D6D-42C8-A502-033E1FC28D97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "55C5FC1A-1253-4390-A4FC-573BB14EA937",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them."
},
{
"lang": "es",
"value": "Kerberos 5 su (k5su) en FreeBSD 4.4 y anteriores se basa en la llamada al sistema getlogin para determinar si el usuario que esta ejecutando k5su es root, lo cual podr\u00eda permitir a procesos sin privilegios, la obtenci\u00f3n de permisos si ese proceso tiene un getlogin como root."
}
],
"id": "CVE-2002-0754",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-08-12T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:07.k5su.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/7956.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:07.k5su.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/7956.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3919"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2006-0677 (GCVE-0-2006-0677)
Vulnerability from cvelistv5 – Published: 2006-02-14 11:00 – Updated: 2024-08-07 16:41
VLAI?
Summary
telnetd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2 allows remote unauthenticated attackers to cause a denial of service (server crash) via unknown vectors that trigger a null dereference.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:41:29.164Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18894",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18894"
},
{
"name": "19005",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19005"
},
{
"name": "ADV-2006-0653",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0653"
},
{
"name": "ADV-2006-0456",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0456"
},
{
"name": "USN-253-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-253-1"
},
{
"name": "18961",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18961"
},
{
"name": "heimdal-telnetd-dos(24763)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24763"
},
{
"name": "449",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/449"
},
{
"name": "16676",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16676"
},
{
"name": "DSA-977",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-977"
},
{
"name": "23244",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/23244"
},
{
"name": "ADV-2006-0628",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0628"
},
{
"name": "SUSE-SA:2006:011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426043/100/0/threaded"
},
{
"name": "[heimdal-discuss] 20060206 Heimdal 0.7.2 and 0.6.6",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.stacken.kth.se/lists/heimdal-discuss/2006-02/msg00028.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "telnetd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2 allows remote unauthenticated attackers to cause a denial of service (server crash) via unknown vectors that trigger a null dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "18894",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18894"
},
{
"name": "19005",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19005"
},
{
"name": "ADV-2006-0653",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0653"
},
{
"name": "ADV-2006-0456",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0456"
},
{
"name": "USN-253-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-253-1"
},
{
"name": "18961",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18961"
},
{
"name": "heimdal-telnetd-dos(24763)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24763"
},
{
"name": "449",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/449"
},
{
"name": "16676",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16676"
},
{
"name": "DSA-977",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-977"
},
{
"name": "23244",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/23244"
},
{
"name": "ADV-2006-0628",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0628"
},
{
"name": "SUSE-SA:2006:011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.securityfocus.com/archive/1/426043/100/0/threaded"
},
{
"name": "[heimdal-discuss] 20060206 Heimdal 0.7.2 and 0.6.6",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.stacken.kth.se/lists/heimdal-discuss/2006-02/msg00028.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2006-0677",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "telnetd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2 allows remote unauthenticated attackers to cause a denial of service (server crash) via unknown vectors that trigger a null dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18894",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18894"
},
{
"name": "19005",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19005"
},
{
"name": "ADV-2006-0653",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0653"
},
{
"name": "ADV-2006-0456",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0456"
},
{
"name": "USN-253-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-253-1"
},
{
"name": "18961",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18961"
},
{
"name": "heimdal-telnetd-dos(24763)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24763"
},
{
"name": "449",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/449"
},
{
"name": "16676",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16676"
},
{
"name": "DSA-977",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-977"
},
{
"name": "23244",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23244"
},
{
"name": "ADV-2006-0628",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0628"
},
{
"name": "SUSE-SA:2006:011",
"refsource": "SUSE",
"url": "http://www.securityfocus.com/archive/1/426043/100/0/threaded"
},
{
"name": "[heimdal-discuss] 20060206 Heimdal 0.7.2 and 0.6.6",
"refsource": "MLIST",
"url": "http://www.stacken.kth.se/lists/heimdal-discuss/2006-02/msg00028.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2006-0677",
"datePublished": "2006-02-14T11:00:00",
"dateReserved": "2006-02-14T00:00:00",
"dateUpdated": "2024-08-07T16:41:29.164Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0582 (GCVE-0-2006-0582)
Vulnerability from cvelistv5 – Published: 2006-02-08 01:00 – Updated: 2024-08-07 16:41
VLAI?
Summary
Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing forwarded credentials, allows attackers to overwrite arbitrary files and change file ownership via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:41:28.919Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16524",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16524"
},
{
"name": "18894",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18894"
},
{
"name": "22986",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/22986"
},
{
"name": "19005",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19005"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.pdc.kth.se/heimdal/advisory/2006-02-06/"
},
{
"name": "heimdal-rshd-privilege-elevation(24532)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24532"
},
{
"name": "ADV-2006-0456",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0456"
},
{
"name": "1015591",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015591"
},
{
"name": "GLSA-200603-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-14.xml"
},
{
"name": "18806",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18806"
},
{
"name": "18733",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18733"
},
{
"name": "USN-253-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-253-1"
},
{
"name": "USN-247-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/247-1/"
},
{
"name": "DSA-977",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-977"
},
{
"name": "ADV-2006-0628",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0628"
},
{
"name": "SUSE-SA:2006:011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426043/100/0/threaded"
},
{
"name": "[heimdal-discuss] 20060206 Heimdal 0.7.2 and 0.6.6",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.stacken.kth.se/lists/heimdal-discuss/2006-02/msg00028.html"
},
{
"name": "19302",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19302"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing forwarded credentials, allows attackers to overwrite arbitrary files and change file ownership via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "16524",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16524"
},
{
"name": "18894",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18894"
},
{
"name": "22986",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/22986"
},
{
"name": "19005",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19005"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.pdc.kth.se/heimdal/advisory/2006-02-06/"
},
{
"name": "heimdal-rshd-privilege-elevation(24532)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24532"
},
{
"name": "ADV-2006-0456",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0456"
},
{
"name": "1015591",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015591"
},
{
"name": "GLSA-200603-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-14.xml"
},
{
"name": "18806",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18806"
},
{
"name": "18733",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18733"
},
{
"name": "USN-253-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-253-1"
},
{
"name": "USN-247-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/247-1/"
},
{
"name": "DSA-977",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-977"
},
{
"name": "ADV-2006-0628",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0628"
},
{
"name": "SUSE-SA:2006:011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.securityfocus.com/archive/1/426043/100/0/threaded"
},
{
"name": "[heimdal-discuss] 20060206 Heimdal 0.7.2 and 0.6.6",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.stacken.kth.se/lists/heimdal-discuss/2006-02/msg00028.html"
},
{
"name": "19302",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19302"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0582",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing forwarded credentials, allows attackers to overwrite arbitrary files and change file ownership via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "16524",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16524"
},
{
"name": "18894",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18894"
},
{
"name": "22986",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22986"
},
{
"name": "19005",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19005"
},
{
"name": "http://www.pdc.kth.se/heimdal/advisory/2006-02-06/",
"refsource": "CONFIRM",
"url": "http://www.pdc.kth.se/heimdal/advisory/2006-02-06/"
},
{
"name": "heimdal-rshd-privilege-elevation(24532)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24532"
},
{
"name": "ADV-2006-0456",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0456"
},
{
"name": "1015591",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015591"
},
{
"name": "GLSA-200603-14",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-14.xml"
},
{
"name": "18806",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18806"
},
{
"name": "18733",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18733"
},
{
"name": "USN-253-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-253-1"
},
{
"name": "USN-247-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/247-1/"
},
{
"name": "DSA-977",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-977"
},
{
"name": "ADV-2006-0628",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0628"
},
{
"name": "SUSE-SA:2006:011",
"refsource": "SUSE",
"url": "http://www.securityfocus.com/archive/1/426043/100/0/threaded"
},
{
"name": "[heimdal-discuss] 20060206 Heimdal 0.7.2 and 0.6.6",
"refsource": "MLIST",
"url": "http://www.stacken.kth.se/lists/heimdal-discuss/2006-02/msg00028.html"
},
{
"name": "19302",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19302"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0582",
"datePublished": "2006-02-08T01:00:00",
"dateReserved": "2006-02-08T00:00:00",
"dateUpdated": "2024-08-07T16:41:28.919Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0371 (GCVE-0-2004-0371)
Vulnerability from cvelistv5 – Published: 2004-04-06 04:00 – Updated: 2024-08-08 00:17
VLAI?
Summary
Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:17:14.319Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-200404-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200404-09.xml"
},
{
"name": "20040530 009: SECURITY FIX: May 30, 2004",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/009_kerberos.patch"
},
{
"name": "heimdal-cross-realm-spoofing(15701)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15701"
},
{
"name": "FreeBSD-SA-04:08",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:08.heimdal.asc"
},
{
"name": "DSA-476",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-476"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.pdc.kth.se/heimdal/advisory/2004-04-01/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-03-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-200404-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200404-09.xml"
},
{
"name": "20040530 009: SECURITY FIX: May 30, 2004",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/009_kerberos.patch"
},
{
"name": "heimdal-cross-realm-spoofing(15701)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15701"
},
{
"name": "FreeBSD-SA-04:08",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:08.heimdal.asc"
},
{
"name": "DSA-476",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-476"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.pdc.kth.se/heimdal/advisory/2004-04-01/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0371",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200404-09",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200404-09.xml"
},
{
"name": "20040530 009: SECURITY FIX: May 30, 2004",
"refsource": "OPENBSD",
"url": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/009_kerberos.patch"
},
{
"name": "heimdal-cross-realm-spoofing(15701)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15701"
},
{
"name": "FreeBSD-SA-04:08",
"refsource": "FREEBSD",
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:08.heimdal.asc"
},
{
"name": "DSA-476",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-476"
},
{
"name": "http://www.pdc.kth.se/heimdal/advisory/2004-04-01/",
"refsource": "CONFIRM",
"url": "http://www.pdc.kth.se/heimdal/advisory/2004-04-01/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0371",
"datePublished": "2004-04-06T04:00:00",
"dateReserved": "2004-03-24T00:00:00",
"dateUpdated": "2024-08-08T00:17:14.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0754 (GCVE-0-2002-0754)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 03:03
VLAI?
Summary
Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:47.923Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FreeBSD-SA-02:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:07.k5su.asc"
},
{
"name": "3919",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3919"
},
{
"name": "kerberos5-k5su-elevate-privileges(7956)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/7956.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-24T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FreeBSD-SA-02:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:07.k5su.asc"
},
{
"name": "3919",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3919"
},
{
"name": "kerberos5-k5su-elevate-privileges(7956)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/7956.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0754",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FreeBSD-SA-02:07",
"refsource": "FREEBSD",
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:07.k5su.asc"
},
{
"name": "3919",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3919"
},
{
"name": "kerberos5-k5su-elevate-privileges(7956)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7956.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0754",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-07-25T00:00:00",
"dateUpdated": "2024-08-08T03:03:47.923Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1225 (GCVE-0-2002-1225)
Vulnerability from cvelistv5 – Published: 2002-10-21 04:00 – Updated: 2024-08-08 03:19
VLAI?
Summary
Multiple buffer overflows in Heimdal before 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote attackers to gain root access.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.457Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5729",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5729"
},
{
"name": "DSA-178",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-178"
},
{
"name": "SuSE-SA:2002:034",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103341355708817\u0026w=2"
},
{
"name": "heimdal-kf-kfd-bo(10116)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10116.php"
},
{
"name": "20021014 GLSA: heimdal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103462479621246\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Heimdal before 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote attackers to gain root access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5729",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5729"
},
{
"name": "DSA-178",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-178"
},
{
"name": "SuSE-SA:2002:034",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103341355708817\u0026w=2"
},
{
"name": "heimdal-kf-kfd-bo(10116)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10116.php"
},
{
"name": "20021014 GLSA: heimdal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103462479621246\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1225",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Heimdal before 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote attackers to gain root access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5729",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5729"
},
{
"name": "DSA-178",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-178"
},
{
"name": "SuSE-SA:2002:034",
"refsource": "SUSE",
"url": "http://marc.info/?l=bugtraq\u0026m=103341355708817\u0026w=2"
},
{
"name": "heimdal-kf-kfd-bo(10116)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10116.php"
},
{
"name": "20021014 GLSA: heimdal",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103462479621246\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1225",
"datePublished": "2002-10-21T04:00:00",
"dateReserved": "2002-10-17T00:00:00",
"dateUpdated": "2024-08-08T03:19:28.457Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1226 (GCVE-0-2002-1226)
Vulnerability from cvelistv5 – Published: 2002-10-21 04:00 – Updated: 2024-08-08 03:19
VLAI?
Summary
Unknown vulnerabilities in Heimdal before 0.5 with unknown impact, possibly in the (1) kadmind and (2) kdc servers, may allow remote or local attackers to gain root or other access, but not via buffer overflows (CVE-2002-1225).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:27.895Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-178",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-178"
},
{
"name": "SuSE-SA:2002:034",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103341355708817\u0026w=2"
},
{
"name": "20021014 GLSA: heimdal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103462479621246\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerabilities in Heimdal before 0.5 with unknown impact, possibly in the (1) kadmind and (2) kdc servers, may allow remote or local attackers to gain root or other access, but not via buffer overflows (CVE-2002-1225)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-178",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-178"
},
{
"name": "SuSE-SA:2002:034",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103341355708817\u0026w=2"
},
{
"name": "20021014 GLSA: heimdal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103462479621246\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1226",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerabilities in Heimdal before 0.5 with unknown impact, possibly in the (1) kadmind and (2) kdc servers, may allow remote or local attackers to gain root or other access, but not via buffer overflows (CVE-2002-1225)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-178",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-178"
},
{
"name": "SuSE-SA:2002:034",
"refsource": "SUSE",
"url": "http://marc.info/?l=bugtraq\u0026m=103341355708817\u0026w=2"
},
{
"name": "20021014 GLSA: heimdal",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103462479621246\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1226",
"datePublished": "2002-10-21T04:00:00",
"dateReserved": "2002-10-17T00:00:00",
"dateUpdated": "2024-08-08T03:19:27.895Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0677 (GCVE-0-2006-0677)
Vulnerability from nvd – Published: 2006-02-14 11:00 – Updated: 2024-08-07 16:41
VLAI?
Summary
telnetd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2 allows remote unauthenticated attackers to cause a denial of service (server crash) via unknown vectors that trigger a null dereference.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:41:29.164Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18894",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18894"
},
{
"name": "19005",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19005"
},
{
"name": "ADV-2006-0653",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0653"
},
{
"name": "ADV-2006-0456",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0456"
},
{
"name": "USN-253-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-253-1"
},
{
"name": "18961",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18961"
},
{
"name": "heimdal-telnetd-dos(24763)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24763"
},
{
"name": "449",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/449"
},
{
"name": "16676",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16676"
},
{
"name": "DSA-977",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-977"
},
{
"name": "23244",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/23244"
},
{
"name": "ADV-2006-0628",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0628"
},
{
"name": "SUSE-SA:2006:011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426043/100/0/threaded"
},
{
"name": "[heimdal-discuss] 20060206 Heimdal 0.7.2 and 0.6.6",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.stacken.kth.se/lists/heimdal-discuss/2006-02/msg00028.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "telnetd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2 allows remote unauthenticated attackers to cause a denial of service (server crash) via unknown vectors that trigger a null dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"shortName": "debian"
},
"references": [
{
"name": "18894",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18894"
},
{
"name": "19005",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19005"
},
{
"name": "ADV-2006-0653",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0653"
},
{
"name": "ADV-2006-0456",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0456"
},
{
"name": "USN-253-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-253-1"
},
{
"name": "18961",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18961"
},
{
"name": "heimdal-telnetd-dos(24763)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24763"
},
{
"name": "449",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/449"
},
{
"name": "16676",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16676"
},
{
"name": "DSA-977",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-977"
},
{
"name": "23244",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/23244"
},
{
"name": "ADV-2006-0628",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0628"
},
{
"name": "SUSE-SA:2006:011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.securityfocus.com/archive/1/426043/100/0/threaded"
},
{
"name": "[heimdal-discuss] 20060206 Heimdal 0.7.2 and 0.6.6",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.stacken.kth.se/lists/heimdal-discuss/2006-02/msg00028.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2006-0677",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "telnetd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2 allows remote unauthenticated attackers to cause a denial of service (server crash) via unknown vectors that trigger a null dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18894",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18894"
},
{
"name": "19005",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19005"
},
{
"name": "ADV-2006-0653",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0653"
},
{
"name": "ADV-2006-0456",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0456"
},
{
"name": "USN-253-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-253-1"
},
{
"name": "18961",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18961"
},
{
"name": "heimdal-telnetd-dos(24763)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24763"
},
{
"name": "449",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/449"
},
{
"name": "16676",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16676"
},
{
"name": "DSA-977",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-977"
},
{
"name": "23244",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23244"
},
{
"name": "ADV-2006-0628",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0628"
},
{
"name": "SUSE-SA:2006:011",
"refsource": "SUSE",
"url": "http://www.securityfocus.com/archive/1/426043/100/0/threaded"
},
{
"name": "[heimdal-discuss] 20060206 Heimdal 0.7.2 and 0.6.6",
"refsource": "MLIST",
"url": "http://www.stacken.kth.se/lists/heimdal-discuss/2006-02/msg00028.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
"assignerShortName": "debian",
"cveId": "CVE-2006-0677",
"datePublished": "2006-02-14T11:00:00",
"dateReserved": "2006-02-14T00:00:00",
"dateUpdated": "2024-08-07T16:41:29.164Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0582 (GCVE-0-2006-0582)
Vulnerability from nvd – Published: 2006-02-08 01:00 – Updated: 2024-08-07 16:41
VLAI?
Summary
Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing forwarded credentials, allows attackers to overwrite arbitrary files and change file ownership via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:41:28.919Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16524",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16524"
},
{
"name": "18894",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18894"
},
{
"name": "22986",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/22986"
},
{
"name": "19005",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19005"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.pdc.kth.se/heimdal/advisory/2006-02-06/"
},
{
"name": "heimdal-rshd-privilege-elevation(24532)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24532"
},
{
"name": "ADV-2006-0456",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0456"
},
{
"name": "1015591",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015591"
},
{
"name": "GLSA-200603-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-14.xml"
},
{
"name": "18806",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18806"
},
{
"name": "18733",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18733"
},
{
"name": "USN-253-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-253-1"
},
{
"name": "USN-247-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/247-1/"
},
{
"name": "DSA-977",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-977"
},
{
"name": "ADV-2006-0628",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0628"
},
{
"name": "SUSE-SA:2006:011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426043/100/0/threaded"
},
{
"name": "[heimdal-discuss] 20060206 Heimdal 0.7.2 and 0.6.6",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.stacken.kth.se/lists/heimdal-discuss/2006-02/msg00028.html"
},
{
"name": "19302",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19302"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing forwarded credentials, allows attackers to overwrite arbitrary files and change file ownership via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "16524",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16524"
},
{
"name": "18894",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18894"
},
{
"name": "22986",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/22986"
},
{
"name": "19005",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19005"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.pdc.kth.se/heimdal/advisory/2006-02-06/"
},
{
"name": "heimdal-rshd-privilege-elevation(24532)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24532"
},
{
"name": "ADV-2006-0456",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0456"
},
{
"name": "1015591",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015591"
},
{
"name": "GLSA-200603-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-14.xml"
},
{
"name": "18806",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18806"
},
{
"name": "18733",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18733"
},
{
"name": "USN-253-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-253-1"
},
{
"name": "USN-247-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/247-1/"
},
{
"name": "DSA-977",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-977"
},
{
"name": "ADV-2006-0628",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0628"
},
{
"name": "SUSE-SA:2006:011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.securityfocus.com/archive/1/426043/100/0/threaded"
},
{
"name": "[heimdal-discuss] 20060206 Heimdal 0.7.2 and 0.6.6",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.stacken.kth.se/lists/heimdal-discuss/2006-02/msg00028.html"
},
{
"name": "19302",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19302"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0582",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing forwarded credentials, allows attackers to overwrite arbitrary files and change file ownership via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "16524",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16524"
},
{
"name": "18894",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18894"
},
{
"name": "22986",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22986"
},
{
"name": "19005",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19005"
},
{
"name": "http://www.pdc.kth.se/heimdal/advisory/2006-02-06/",
"refsource": "CONFIRM",
"url": "http://www.pdc.kth.se/heimdal/advisory/2006-02-06/"
},
{
"name": "heimdal-rshd-privilege-elevation(24532)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24532"
},
{
"name": "ADV-2006-0456",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0456"
},
{
"name": "1015591",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015591"
},
{
"name": "GLSA-200603-14",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-14.xml"
},
{
"name": "18806",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18806"
},
{
"name": "18733",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18733"
},
{
"name": "USN-253-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-253-1"
},
{
"name": "USN-247-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/247-1/"
},
{
"name": "DSA-977",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-977"
},
{
"name": "ADV-2006-0628",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0628"
},
{
"name": "SUSE-SA:2006:011",
"refsource": "SUSE",
"url": "http://www.securityfocus.com/archive/1/426043/100/0/threaded"
},
{
"name": "[heimdal-discuss] 20060206 Heimdal 0.7.2 and 0.6.6",
"refsource": "MLIST",
"url": "http://www.stacken.kth.se/lists/heimdal-discuss/2006-02/msg00028.html"
},
{
"name": "19302",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19302"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0582",
"datePublished": "2006-02-08T01:00:00",
"dateReserved": "2006-02-08T00:00:00",
"dateUpdated": "2024-08-07T16:41:28.919Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0371 (GCVE-0-2004-0371)
Vulnerability from nvd – Published: 2004-04-06 04:00 – Updated: 2024-08-08 00:17
VLAI?
Summary
Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:17:14.319Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-200404-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200404-09.xml"
},
{
"name": "20040530 009: SECURITY FIX: May 30, 2004",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/009_kerberos.patch"
},
{
"name": "heimdal-cross-realm-spoofing(15701)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15701"
},
{
"name": "FreeBSD-SA-04:08",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:08.heimdal.asc"
},
{
"name": "DSA-476",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-476"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.pdc.kth.se/heimdal/advisory/2004-04-01/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-03-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-200404-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200404-09.xml"
},
{
"name": "20040530 009: SECURITY FIX: May 30, 2004",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/009_kerberos.patch"
},
{
"name": "heimdal-cross-realm-spoofing(15701)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15701"
},
{
"name": "FreeBSD-SA-04:08",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:08.heimdal.asc"
},
{
"name": "DSA-476",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-476"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.pdc.kth.se/heimdal/advisory/2004-04-01/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0371",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200404-09",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200404-09.xml"
},
{
"name": "20040530 009: SECURITY FIX: May 30, 2004",
"refsource": "OPENBSD",
"url": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/009_kerberos.patch"
},
{
"name": "heimdal-cross-realm-spoofing(15701)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15701"
},
{
"name": "FreeBSD-SA-04:08",
"refsource": "FREEBSD",
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:08.heimdal.asc"
},
{
"name": "DSA-476",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-476"
},
{
"name": "http://www.pdc.kth.se/heimdal/advisory/2004-04-01/",
"refsource": "CONFIRM",
"url": "http://www.pdc.kth.se/heimdal/advisory/2004-04-01/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0371",
"datePublished": "2004-04-06T04:00:00",
"dateReserved": "2004-03-24T00:00:00",
"dateUpdated": "2024-08-08T00:17:14.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0754 (GCVE-0-2002-0754)
Vulnerability from nvd – Published: 2003-04-02 05:00 – Updated: 2024-08-08 03:03
VLAI?
Summary
Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:47.923Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FreeBSD-SA-02:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:07.k5su.asc"
},
{
"name": "3919",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3919"
},
{
"name": "kerberos5-k5su-elevate-privileges(7956)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/7956.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-24T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FreeBSD-SA-02:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:07.k5su.asc"
},
{
"name": "3919",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3919"
},
{
"name": "kerberos5-k5su-elevate-privileges(7956)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/7956.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0754",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FreeBSD-SA-02:07",
"refsource": "FREEBSD",
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:07.k5su.asc"
},
{
"name": "3919",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3919"
},
{
"name": "kerberos5-k5su-elevate-privileges(7956)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7956.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0754",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-07-25T00:00:00",
"dateUpdated": "2024-08-08T03:03:47.923Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1225 (GCVE-0-2002-1225)
Vulnerability from nvd – Published: 2002-10-21 04:00 – Updated: 2024-08-08 03:19
VLAI?
Summary
Multiple buffer overflows in Heimdal before 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote attackers to gain root access.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.457Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5729",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5729"
},
{
"name": "DSA-178",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-178"
},
{
"name": "SuSE-SA:2002:034",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103341355708817\u0026w=2"
},
{
"name": "heimdal-kf-kfd-bo(10116)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10116.php"
},
{
"name": "20021014 GLSA: heimdal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103462479621246\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Heimdal before 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote attackers to gain root access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5729",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5729"
},
{
"name": "DSA-178",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-178"
},
{
"name": "SuSE-SA:2002:034",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103341355708817\u0026w=2"
},
{
"name": "heimdal-kf-kfd-bo(10116)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10116.php"
},
{
"name": "20021014 GLSA: heimdal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103462479621246\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1225",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Heimdal before 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote attackers to gain root access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5729",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5729"
},
{
"name": "DSA-178",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-178"
},
{
"name": "SuSE-SA:2002:034",
"refsource": "SUSE",
"url": "http://marc.info/?l=bugtraq\u0026m=103341355708817\u0026w=2"
},
{
"name": "heimdal-kf-kfd-bo(10116)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10116.php"
},
{
"name": "20021014 GLSA: heimdal",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103462479621246\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1225",
"datePublished": "2002-10-21T04:00:00",
"dateReserved": "2002-10-17T00:00:00",
"dateUpdated": "2024-08-08T03:19:28.457Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1226 (GCVE-0-2002-1226)
Vulnerability from nvd – Published: 2002-10-21 04:00 – Updated: 2024-08-08 03:19
VLAI?
Summary
Unknown vulnerabilities in Heimdal before 0.5 with unknown impact, possibly in the (1) kadmind and (2) kdc servers, may allow remote or local attackers to gain root or other access, but not via buffer overflows (CVE-2002-1225).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:27.895Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-178",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-178"
},
{
"name": "SuSE-SA:2002:034",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103341355708817\u0026w=2"
},
{
"name": "20021014 GLSA: heimdal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103462479621246\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerabilities in Heimdal before 0.5 with unknown impact, possibly in the (1) kadmind and (2) kdc servers, may allow remote or local attackers to gain root or other access, but not via buffer overflows (CVE-2002-1225)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-178",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-178"
},
{
"name": "SuSE-SA:2002:034",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103341355708817\u0026w=2"
},
{
"name": "20021014 GLSA: heimdal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103462479621246\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1226",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerabilities in Heimdal before 0.5 with unknown impact, possibly in the (1) kadmind and (2) kdc servers, may allow remote or local attackers to gain root or other access, but not via buffer overflows (CVE-2002-1225)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-178",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-178"
},
{
"name": "SuSE-SA:2002:034",
"refsource": "SUSE",
"url": "http://marc.info/?l=bugtraq\u0026m=103341355708817\u0026w=2"
},
{
"name": "20021014 GLSA: heimdal",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103462479621246\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1226",
"datePublished": "2002-10-21T04:00:00",
"dateReserved": "2002-10-17T00:00:00",
"dateUpdated": "2024-08-08T03:19:27.895Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}