Vulnerabilities > KTH
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-10-28 | CVE-2012-6303 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the GetWavHeader function in generic/jkSoundFile.c in the Snack Sound Toolkit, as used in WaveSurfer 1.8.8p4, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large chunk size in a WAV file. | 6.8 |
| 2006-02-14 | CVE-2006-0677 | Denial Of Service vulnerability in Heimdal TelnetD telnetd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2 allows remote unauthenticated attackers to cause a denial of service (server crash) via unknown vectors that trigger a null dereference. | 7.8 |
| 2006-02-08 | CVE-2006-0582 | Local Privilege Escalation vulnerability in Heimdal RSHD Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing forwarded credentials, allows attackers to overwrite arbitrary files and change file ownership via unknown vectors. | 2.1 |
| 2004-05-04 | CVE-2004-0371 | Unspecified vulnerability in KTH Heimdal Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path. | 5.0 |
| 2002-11-04 | CVE-2002-1235 | Remote Buffer Overflow vulnerability in Multiple Vendor kadmind The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and earlier, (2) kadmind in KTH Kerberos 4 (eBones) before 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) before 0.5.1 when compiled with Kerberos 4 support, does not properly verify the length field of a request, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | 10.0 |
| 2002-10-28 | CVE-2002-1226 | Unspecified vulnerability in KTH Heimdal Unknown vulnerabilities in Heimdal before 0.5 with unknown impact, possibly in the (1) kadmind and (2) kdc servers, may allow remote or local attackers to gain root or other access, but not via buffer overflows (CVE-2002-1225). | 10.0 |
| 2002-10-28 | CVE-2002-1225 | Unspecified vulnerability in KTH Heimdal Multiple buffer overflows in Heimdal before 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote attackers to gain root access. | 10.0 |
| 2002-08-12 | CVE-2002-0754 | Privilege Escalation vulnerability in Kerberos 5 su Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them. | 7.2 |
| 2002-06-18 | CVE-2002-0600 | Heap Overflow vulnerability in KTH eBones Kerberos4 FTP Client Passive Mode Heap overflow in the KTH Kerberos 4 FTP client 4-1.1.1 allows remote malicious servers to execute arbitrary code on the client via a long response to a passive (PASV) mode request. | 7.5 |
| 2001-08-27 | CVE-2001-1444 | Remote Security vulnerability in KTH Kerberos 4/5 The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and Kerberos V (Heimdal), does not encrypt authentication and encryption options sent from the server, which allows remote attackers to downgrade authentication and encryption mechanisms via a man-in-the-middle attack. | 7.5 |