FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  374986
Date:      2014-12-20
Time:      00:21:30Z
Committer: delphij

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
446dbecb-9edc-11d8-9366-0020ed76ef5aheimdal kadmind remote heap buffer overflow

An input validation error was discovered in the kadmind code that handles the framing of Kerberos 4 compatibility administration requests. The code assumed that the length given in the framing was always two or more bytes. Smaller lengths will cause kadmind to read an arbitrary amount of data into a minimally-sized buffer on the heap.

A remote attacker may send a specially formatted message to kadmind, causing it to crash or possibly resulting in arbitrary code execution.

The kadmind daemon is part of Kerberos 5 support. However, this bug will only be present if kadmind was built with additional Kerberos 4 support. Thus, only systems that have *both* Heimdal Kerberos 5 and Kerberos 4 installed might be affected.

NOTE: On FreeBSD 4 systems, `kadmind' may be installed as `k5admind'.


Discovery 2004-05-05
Entry 2004-05-05
heimdal
lt 0.6.1_1

CVE-2004-0434
SA-04:09.kadmind
446dbecb-9edc-11d8-9366-0020ed76ef5aheimdal kadmind remote heap buffer overflow

An input validation error was discovered in the kadmind code that handles the framing of Kerberos 4 compatibility administration requests. The code assumed that the length given in the framing was always two or more bytes. Smaller lengths will cause kadmind to read an arbitrary amount of data into a minimally-sized buffer on the heap.

A remote attacker may send a specially formatted message to kadmind, causing it to crash or possibly resulting in arbitrary code execution.

The kadmind daemon is part of Kerberos 5 support. However, this bug will only be present if kadmind was built with additional Kerberos 4 support. Thus, only systems that have *both* Heimdal Kerberos 5 and Kerberos 4 installed might be affected.

NOTE: On FreeBSD 4 systems, `kadmind' may be installed as `k5admind'.


Discovery 2004-05-05
Entry 2004-05-05
heimdal
lt 0.6.1_1

CVE-2004-0434
SA-04:09.kadmind
bfb36941-84fa-11d8-a41f-0020ed76ef5aIncorrect cross-realm trust handling in Heimdal

Heimdal does not correctly validate the `transited' field of Kerberos tickets when computing the authentication path. This could allow a rogue KDC with which cross-realm relationships have been established to impersonate any KDC in the authentication path.


Discovery 2004-04-01
Entry 2004-04-02
Modified 2004-05-05
heimdal
lt 0.6.1

CVE-2004-0371
SA-04:08.heimdal
http://www.pdc.kth.se/heimdal/advisory/2004-04-01/
bfb36941-84fa-11d8-a41f-0020ed76ef5aIncorrect cross-realm trust handling in Heimdal

Heimdal does not correctly validate the `transited' field of Kerberos tickets when computing the authentication path. This could allow a rogue KDC with which cross-realm relationships have been established to impersonate any KDC in the authentication path.


Discovery 2004-04-01
Entry 2004-04-02
Modified 2004-05-05
heimdal
lt 0.6.1

CVE-2004-0371
SA-04:08.heimdal
http://www.pdc.kth.se/heimdal/advisory/2004-04-01/
b62c80c2-b81a-11da-bec5-00123ffe8333heimdal -- Multiple vulnerabilities

A Project heimdal Security Advisory reports:

The telnet client program in Heimdal has buffer overflows in the functions slc_add_reply() and env_opt_add(), which may lead to remote code execution.

The telnetd server program in Heimdal has buffer overflows in the function getterminaltype, which may lead to remote code execution.

The rshd server in Heimdal has a privilege escalation bug when storing forwarded credentials. The code allowes a user to overwrite a file with its credential cache, and get ownership of the file.


Discovery 2006-02-06
Entry 2006-03-20
heimdal
lt 0.6.6

CVE-2005-0469
CVE-2005-2040
CVE-2006-0582
CVE-2006-0677
http://www.pdc.kth.se/heimdal/advisory/2005-04-20
http://www.pdc.kth.se/heimdal/advisory/2005-06-20
http://www.pdc.kth.se/heimdal/advisory/2006-02-06
b62c80c2-b81a-11da-bec5-00123ffe8333heimdal -- Multiple vulnerabilities

A Project heimdal Security Advisory reports:

The telnet client program in Heimdal has buffer overflows in the functions slc_add_reply() and env_opt_add(), which may lead to remote code execution.

The telnetd server program in Heimdal has buffer overflows in the function getterminaltype, which may lead to remote code execution.

The rshd server in Heimdal has a privilege escalation bug when storing forwarded credentials. The code allowes a user to overwrite a file with its credential cache, and get ownership of the file.


Discovery 2006-02-06
Entry 2006-03-20
heimdal
lt 0.6.6

CVE-2005-0469
CVE-2005-2040
CVE-2006-0582
CVE-2006-0677
http://www.pdc.kth.se/heimdal/advisory/2005-04-20
http://www.pdc.kth.se/heimdal/advisory/2005-06-20
http://www.pdc.kth.se/heimdal/advisory/2006-02-06