Vulnerabilities > Heimdal Project

DATE	CVE	VULNERABILITY TITLE	RISK
2017-07-13	CVE-2017-11103	Insufficient Verification of Data Authenticity vulnerability in multiple products Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. network heimdal-project freebsd samba apple debian CWE-345	6.8
2011-12-25	CVE-2011-4862	Classic Buffer Overflow vulnerability in multiple products Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011. network low complexity gnu heimdal-project mit freebsd fedoraproject debian opensuse suse CWE-120 critical	10.0
2004-07-07	CVE-2004-0434	Incorrect Calculation of Buffer Size vulnerability in multiple products k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow. network low complexity heimdal-project debian CWE-131 critical	9.8

Vulnerabilities > Heimdal Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Heimdal Project"}]}