This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-05-02 10:37:19 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
446dbecb-9edc-11d8-9366-0020ed76ef5a | heimdal kadmind remote heap buffer overflow An input validation error was discovered in the kadmind code that handles the framing of Kerberos 4 compatibility administration requests. The code assumed that the length given in the framing was always two or more bytes. Smaller lengths will cause kadmind to read an arbitrary amount of data into a minimally-sized buffer on the heap. A remote attacker may send a specially formatted message to kadmind, causing it to crash or possibly resulting in arbitrary code execution. The kadmind daemon is part of Kerberos 5 support. However, this bug will only be present if kadmind was built with additional Kerberos 4 support. Thus, only systems that have *both* Heimdal Kerberos 5 and Kerberos 4 installed might be affected. NOTE: On FreeBSD 4 systems, `kadmind' may be installed as `k5admind'. Discovery 2004-05-05 Entry 2004-05-05 heimdal < 0.6.1_1 FreeBSD ge 4.9 lt 4.9_7 ge 4.0 lt 4.8_20 CVE-2004-0434 SA-04:09.kadmind |
40a8d798-4615-11e7-8080-a4badb2f4699 | heimdal -- bypass of capath policy Viktor Dukhovni reports:
Discovery 2017-04-13 Entry 2017-05-31 heimdal < 7.1.0_3 CVE-2017-6594 ports/219657 |
b62c80c2-b81a-11da-bec5-00123ffe8333 | heimdal -- Multiple vulnerabilities A Project heimdal Security Advisory reports:
Discovery 2006-02-06 Entry 2006-03-20 heimdal < 0.6.6 CVE-2005-0469 CVE-2005-2040 CVE-2006-0582 CVE-2006-0677 http://www.pdc.kth.se/heimdal/advisory/2005-04-20 http://www.pdc.kth.se/heimdal/advisory/2005-06-20 http://www.pdc.kth.se/heimdal/advisory/2006-02-06 |