Количество 6
Количество 6
CVE-2017-17439
In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to the _kdc_as_rep function in kdc/kerberos5.c and the der_length_visible_string function in lib/asn1/der_length.c.
CVE-2017-17439
In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to the _kdc_as_rep function in kdc/kerberos5.c and the der_length_visible_string function in lib/asn1/der_length.c.
CVE-2017-17439
In Heimdal through 7.4, remote unauthenticated attackers are able to c ...
openSUSE-SU-2018:2376-1
Security update for libheimdal
openSUSE-SU-2017:3268-1
Security update for libheimdal
GHSA-gc5p-r2vh-qc88
In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to the _kdc_as_rep function in kdc/kerberos5.c and the der_length_visible_string function in lib/asn1/der_length.c.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2017-17439 In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to the _kdc_as_rep function in kdc/kerberos5.c and the der_length_visible_string function in lib/asn1/der_length.c. | CVSS3: 7.5 | 9% Низкий | около 8 лет назад |
 | CVE-2017-17439 In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to the _kdc_as_rep function in kdc/kerberos5.c and the der_length_visible_string function in lib/asn1/der_length.c. | CVSS3: 7.5 | 9% Низкий | около 8 лет назад |
| CVE-2017-17439 In Heimdal through 7.4, remote unauthenticated attackers are able to c ... | CVSS3: 7.5 | 9% Низкий | около 8 лет назад |
 | openSUSE-SU-2018:2376-1 Security update for libheimdal | 9% Низкий | больше 7 лет назад | |
| openSUSE-SU-2017:3268-1 Security update for libheimdal | 9% Низкий | около 8 лет назад | |
| GHSA-gc5p-r2vh-qc88 In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to the _kdc_as_rep function in kdc/kerberos5.c and the der_length_visible_string function in lib/asn1/der_length.c. | CVSS3: 7.5 | 9% Низкий | больше 3 лет назад |
Уязвимостей на страницу