CVE-2022-3116

<= 7.7.0

The Heimdal Software Kerberos 5 implementation is vulnerable to a null pointer dereferance. An attacker with network access to an

7.5HIGH

CVE-2022-45142

all versions

The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" compar

7.5HIGH

CVE-2021-44758

< 7.7.1

Heimdal before 7.7.1 allows attackers to cause a NULL pointer dereference in a SPNEGO acceptor via a preferred_mech_type of GSS_C_

7.5HIGH

CVE-2022-42898

< 7.7.1

PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code

8.8HIGH

CVE-2022-44640

< 7.7.1

Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the K

9.8CRITICAL

CVE-2022-41916

< 7.7.1

Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerable to a denial of service vulne

5.9MEDIUM

CVE-2018-16860

>= 0.8 and <= 7.5.0

A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4

7.5HIGH

CVE-2019-12098

< 7.6.0

In the client side of Heimdal before 7.6.0, failure to verify anonymous PKINIT PA-PKINIT-KX key exchange permits a man-in-the-midd

7.4HIGH

CVE-2018-5731

all versions

An issue was discovered in Heimdal PRO 2.2.190. As part of the scanning feature, a process called md.hs writes an executable calle

7.0HIGH

CVE-2018-5349

all versions

A vulnerability has been found in Heimdal PRO v2.2.190, but it is most likely also present in Heimdal FREE and Heimdal CORP. Fault

7.8HIGH

CVE-2017-17439

<= 7.4.0

In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empt

7.5HIGH

CVE-2017-6594

<= 7.2.0

The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath policy protection mechanism by l

7.5HIGH

CVE-2017-11103

< 7.4.0

Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal

8.1HIGH

CVE-2011-4862

<= 1.5.1

Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl)

CVE-2007-5939

all versions

The gss_userok function in appl/ftp/ftpd/gss_userok.c in Heimdal 0.7.2 does not allocate memory for the ticketfile pointer before

CVE-2006-3084

<= 0.7.2

The (1) ftpd and (2) ksu programs in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, and (b) Heimdal 0.7.2 and earlie

CVE-2006-3083

all versions

The (1) krshd and (2) v4rcp applications in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, when running on Linux and

CVE-2006-0677

all versions

telnetd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2 allows remote unauthenticated attackers to cause a denial of service

CVE-2006-0582

all versions

Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing forwarded credentials, allows

CVE-2004-0434

< 0.6.2

k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration req

9.8CRITICAL

CVE-2004-0371

all versions

Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, w

CVE-2002-1226

all versions

Unknown vulnerabilities in Heimdal before 0.5 with unknown impact, possibly in the (1) kadmind and (2) kdc servers, may allow remo

CVE-2002-1225

all versions

Multiple buffer overflows in Heimdal before 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote attackers

CVE-2002-0754

all versions

Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root,