Download
| Alert*
oval:org.secpod.oval:def:1800114
In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to the _ ... oval:org.secpod.oval:def:1800713 In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to the _ ... oval:org.secpod.oval:def:53202 Michael Eder and Thomas Kittel discovered that Heimdal, an implementation of Kerberos 5 that aims to be compatible with MIT Kerberos, did not correctly handle ASN.1 data. This would allow an unauthenticated remote attacker to cause a denial of service by sending maliciously crafted packets. oval:org.secpod.oval:def:603202 Michael Eder and Thomas Kittel discovered that Heimdal, an implementation of Kerberos 5 that aims to be compatible with MIT Kerberos, did not correctly handle ASN.1 data. This would allow an unauthenticated remote attacker to cause a denial of service by sending maliciously crafted packets. oval:org.secpod.oval:def:113861 Kerberos 5 is a network authentication and single sign-on system. Heimdal is a free Kerberos 5 implementation without export restrictions written from the spec including advanced features like thread safety, IPv6, master-slave replication of Kerberos Key Distribution Center server and support for t ... oval:org.secpod.oval:def:113851 Kerberos 5 is a network authentication and single sign-on system. Heimdal is a free Kerberos 5 implementation without export restrictions written from the spec including advanced features like thread safety, IPv6, master-slave replication of Kerberos Key Distribution Center server and support for t ... |