||3 H5l, Opensuse Project, Opensuse
||3 Heimdal, Leap, Leap
|The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath policy protection mechanism by leveraging failure to add the previous hop realm to the transit path of issued tickets.
||3 Samba, H5l, Freebsd
||3 Samba, Heimdal, Freebsd
|Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service...
||3 Mit, H5l, Freebsd
||3 Freebsd, Krb5-appl, Heimdal
|Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to...