Heimdal Kerberos Forwarding Daemon Zero-Terminated String Bypass Buffer Overflow Vulnerability

admin 2022-07-22 09:52:44 CNNVD Vulnerabilities Source: ZONE.CI Global Network

Vulnerability Details

  • CNNVD ID: CNNVD-200210-295
  • Severity: High
  • CVE ID: CVE-2002-1226
  • Vulnerability type: Buffer overflow
  • Published: 2002-10-28
  • Threat type: Remote
  • Updated: 2005-10-31
  • Vendor: kth
  • Vulnerability source: Vulnerability anno...

Vulnerability Summary

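Heimdal versions before 0.5 may contain unknown vulnerabilities, with unknown impact, in the (1) kadmind and (2) kdc servers. Remote or local attackers may be able to gain root or other access, though not by means of buffer overflows (CVE-2002-1225).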

Vulnerability Advisory

NetBSD has released an advisory addressing this issue. All versions of NetBSD, including NetBSD-current source prior to September 10, 2002, contain the vulnerable binary, though the service is not enabled by default. NetBSD has fixed this vulnerability in the 1.5 version of the source, and the 1.6 branch fix is pending. NetBSD Security has advised users of 1.6 to manually remove the vulnerable binaries after completing a "make build".

Users of Gentoo Linux are advised to upgrade using the following commands:

    emerge rsync
    emerge heimdal
    emerge clean

Updated versions available:

KTH Heimdal 0.3 e

  • SuSE heimdal-0.3e-83.i386.rpm ftp://ftp.suse.com/pub/suse/i386/update/7.2/sec2/heimdal-0.3e-83.i386.rpm
  • SuSE heimdal-0.3e-83.src.rpm ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/heimdal-0.3e-83.src.rpm
  • SuSE heimdal-devel-0.3e-83.i386.rpm ftp://ftp.suse.com/pub/suse/i386/update/7.2/sec2/heimdal-devel-0.3e-83.i386.rpm
  • SuSE heimdal-lib-0.3e-83.i386.rpm ftp://ftp.suse.com/pub/suse/i386/update/7.2/sec1/heimdal-lib-0.3e-83.i386.rpm
KTH Heimdal 0.4 d
  • KTH heimdal-0.5.tar.gz ftp://ftp.pdc.kth.se/pub/heimdal/src/heimdal-0.5.tar.gz
  • SuSE heimdal-0.4d-113.ppc.rpm ftp://ftp.suse.com/pub/suse/ppc/update/7.3/sec2/heimdal-0.4d-113.ppc.rpm
  • SuSE heimdal-0.4d-113.src.rpm ftp://ftp.suse.com/pub/suse/ppc/update/7.3/zq1/heimdal-0.4d-113.src.rpm
  • SuSE heimdal-0.4d-132.src.rpm ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/heimdal-0.4d-132.src.rpm
  • SuSE heimdal-0.4d-67.sparc.rpm ftp://ftp.suse.com/pub/suse/sparc/update/7.3/sec2/heimdal-0.4d-67.sparc.rpm
  • SuSE heimdal-0.4d-67.src.rpm ftp://ftp.suse.com/pub/suse/sparc/update/7.3/zq1/heimdal-0.4d-67.src.rpm
  • SuSE heimdal-devel-0.4d-113.ppc.rpm ftp://ftp.suse.com/pub/suse/ppc/update/7.3/sec2/heimdal-devel-0.4d-113.ppc.rpm
  • SuSE heimdal-devel-0.4d-132.i386.rpm ftp://ftp.suse.com/pub/suse/i386/update/7.3/sec2/heimdal-devel-0.4d-132.i386.rpm
  • SuSE heimdal-devel-0.4d-67.sparc.rpm ftp://ftp.suse.com/pub/suse/sparc/update/7.3/sec2/heimdal-devel-0.4d-67.sparc.rpm
  • SuSE heimdal-lib-0.4d-113.ppc.rpm ftp://ftp.suse.com/pub/suse/ppc/update/7.3/sec1/heimdal-lib-0.4d-113.ppc.rpm
  • SuSE heimdal-lib-0.4d-67.sparc.rpm ftp://ftp.suse.com/pub/suse/sparc/update/7.3/sec1/heimdal-lib-0.4d-67.sparc.rpm
KTH Heimdal 0.4 b
  • KTH heimdal-0.5.tar.gz ftp://ftp.pdc.kth.se/pub/heimdal/src/heimdal-0.5.tar.gz
KTH Heimdal 0.4 c
  • KTH heimdal-0.5.tar.gz ftp://ftp.pdc.kth.se/pub/heimdal/src/heimdal-0.5.tar.gz
KTH Heimdal 0.4 e
  • Debian heimdal-docs_0.2l-7.4_all.deb Debian 2.2 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-docs_0.2l-7.4_all.deb
  • Debian heimdal-docs_0.4e-7.woody.4_all.deb Debian 3.0 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-docs_0.4e-7.woody.4_all.deb
  • Debian heimdal-kdc_0.2l-7.4_alpha.deb Debian 2.2 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.2l-7.4_alpha.deb
  • Debian heimdal-kdc_0.2l-7.4_arm.deb Debian 2.2 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.2l-7.4_arm.deb
  • Debian heimdal-kdc_0.2l-7.4_i386.deb Debian 2.2 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.2l-7.4_i386.deb
  • Debian heimdal-kdc_0.2l-7.4_m68k.deb Debian 2.2 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.2l-7.4_m68k.deb
  • Debian heimdal-kdc_0.2l-7.4_powerpc.deb Debian 2.2 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.2l-7.4_powerpc.deb
  • Debian heimdal-kdc_0.2l-7.4_sparc.deb Debian 2.2 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.2l-7.4_sparc.deb
  • Debian heimdal-kdc_0.4e-7.woody.4_alpha.deb Debian 3.0 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.4_alpha.deb
  • Debian heimdal-kdc_0.4e-7.woody.4_arm.deb Debian 3.0 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.4_arm.deb
  • Debian heimdal-kdc_0.4e-7.woody.4_hppa.deb Debian 3.0 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.4_hppa.deb
  • Debian heimdal-kdc_0.4e-7.woody.4_i386.deb Debian 3.0 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.4_i386.deb
  • Debian heimdal-kdc_0.4e-7.woody.4_ia64.deb Debian 3.0 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e

References

  • Source: DEBIAN Name: DSA-178 Link: http://www.debian.org/security/2002/dsa-178
  • Source: SUSE Name: SuSE-SA:2002:034 Link: http://marc.theaimsgroup.com/?l=bugtraq&m=103341355708817&w=2
  • Source: BUGTRAQ Name: 20021014 GLSA: heimdal Link: http://marc.theaimsgroup.com/?l=bugtraq&m=103462479621246&w=2

Affected Entities

  • Kth Heimdal:0.3e  
  • Kth Heimdal:0.4a  
  • Kth Heimdal:0.4d  
  • Kth Heimdal:0.4e  
  • Kth Heimdal:0.4c  

Patch

    None available
