Heimdal releases prior to 0.6.2 with kadmind version4 have been found vulnerable to a remote pre-auth heap overflow.
e9904e864457a433ac51672c12211c9ea2fc1e1a4bccf613bd089f2a6f702889
Name: Heimdal kadmind version4 remote heap
overflow
Date: 6 May 2004
CVE candidate: CAN-2004-0434
Author: Evgeny Demidov
Description:
There exists a remote preauth heap overflow vulnerability
in Heimdal kadmind version4 support.
All versions of Heimdal including 0.6.1 are known to be
vulnerable.
Its recommended to disable Kerberos 4 support by runing
kadmind with --no-kerberos4 option.
Fix:
FreeBSD has issued an advisory:
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:09.kadmind.asc
Latest Heimdal snapshot also fixes the problem.
History:
The vulnerability has been discovered several months ago
by Evgeny Demidov during Heimdal source code audit.
The details of the vulnerability has been made availabe to
VulnDisco clients two weeks ago.
Thanks:
Heimdal development team has been ready with a patch in a
couple of hours after initial contact.
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed