First published: Thu Oct 13 2022(Updated: )
Isaac Boukris and Andrew Bartlett discovered that Heimdal's KDC was not properly performing checksum algorithm verifications in the S4U2Self extension module. An attacker could possibly use this issue to perform a machine-in-the-middle attack and request S4U2Self tickets for any user known by the application. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2018-16860) It was discovered that Heimdal was not properly handling the verification of key exchanges when an anonymous PKINIT was being used. An attacker could possibly use this issue to perform a machine-in-the-middle attack and expose sensitive information. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2019-12098) Joseph Sutton discovered that Heimdal was not properly handling memory management operations when dealing with TGS-REQ tickets that were missing information. An attacker could possibly use this issue to cause a denial of service. (CVE-2021-3671) Michał Kępień discovered that Heimdal was not properly handling logical conditions that related to memory management operations. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-3116)
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/libgssapi3-heimdal | <7.7.0+dfsg-1ubuntu1.1 | 7.7.0+dfsg-1ubuntu1.1 |
=20.04 | ||
All of | ||
ubuntu/heimdal-kcm | <7.7.0+dfsg-1ubuntu1.1 | 7.7.0+dfsg-1ubuntu1.1 |
=20.04 | ||
All of | ||
ubuntu/heimdal-kdc | <7.7.0+dfsg-1ubuntu1.1 | 7.7.0+dfsg-1ubuntu1.1 |
=20.04 | ||
All of | ||
ubuntu/libkdc2-heimdal | <7.7.0+dfsg-1ubuntu1.1 | 7.7.0+dfsg-1ubuntu1.1 |
=20.04 | ||
All of | ||
ubuntu/heimdal-servers | <7.7.0+dfsg-1ubuntu1.1 | 7.7.0+dfsg-1ubuntu1.1 |
=20.04 | ||
All of | ||
ubuntu/libkrb5-26-heimdal | <7.7.0+dfsg-1ubuntu1.1 | 7.7.0+dfsg-1ubuntu1.1 |
=20.04 | ||
All of | ||
ubuntu/heimdal-clients | <7.7.0+dfsg-1ubuntu1.1 | 7.7.0+dfsg-1ubuntu1.1 |
=20.04 | ||
All of | ||
ubuntu/libgssapi3-heimdal | <7.5.0+dfsg-1ubuntu0.1 | 7.5.0+dfsg-1ubuntu0.1 |
=18.04 | ||
All of | ||
ubuntu/heimdal-kcm | <7.5.0+dfsg-1ubuntu0.1 | 7.5.0+dfsg-1ubuntu0.1 |
=18.04 | ||
All of | ||
ubuntu/heimdal-kdc | <7.5.0+dfsg-1ubuntu0.1 | 7.5.0+dfsg-1ubuntu0.1 |
=18.04 | ||
All of | ||
ubuntu/libkdc2-heimdal | <7.5.0+dfsg-1ubuntu0.1 | 7.5.0+dfsg-1ubuntu0.1 |
=18.04 | ||
All of | ||
ubuntu/heimdal-servers | <7.5.0+dfsg-1ubuntu0.1 | 7.5.0+dfsg-1ubuntu0.1 |
=18.04 | ||
All of | ||
ubuntu/libkrb5-26-heimdal | <7.5.0+dfsg-1ubuntu0.1 | 7.5.0+dfsg-1ubuntu0.1 |
=18.04 | ||
All of | ||
ubuntu/heimdal-clients | <7.5.0+dfsg-1ubuntu0.1 | 7.5.0+dfsg-1ubuntu0.1 |
=18.04 | ||
All of | ||
ubuntu/libgssapi3-heimdal | <1.7~git20150920+dfsg-4ubuntu1.16.04.1+esm1 | 1.7~git20150920+dfsg-4ubuntu1.16.04.1+esm1 |
=16.04 | ||
All of | ||
ubuntu/heimdal-kcm | <1.7~git20150920+dfsg-4ubuntu1.16.04.1+esm1 | 1.7~git20150920+dfsg-4ubuntu1.16.04.1+esm1 |
=16.04 | ||
All of | ||
ubuntu/heimdal-kdc | <1.7~git20150920+dfsg-4ubuntu1.16.04.1+esm1 | 1.7~git20150920+dfsg-4ubuntu1.16.04.1+esm1 |
=16.04 | ||
All of | ||
ubuntu/libkdc2-heimdal | <1.7~git20150920+dfsg-4ubuntu1.16.04.1+esm1 | 1.7~git20150920+dfsg-4ubuntu1.16.04.1+esm1 |
=16.04 | ||
All of | ||
ubuntu/heimdal-servers | <1.7~git20150920+dfsg-4ubuntu1.16.04.1+esm1 | 1.7~git20150920+dfsg-4ubuntu1.16.04.1+esm1 |
=16.04 | ||
All of | ||
ubuntu/libkrb5-26-heimdal | <1.7~git20150920+dfsg-4ubuntu1.16.04.1+esm1 | 1.7~git20150920+dfsg-4ubuntu1.16.04.1+esm1 |
=16.04 | ||
All of | ||
ubuntu/heimdal-clients | <1.7~git20150920+dfsg-4ubuntu1.16.04.1+esm1 | 1.7~git20150920+dfsg-4ubuntu1.16.04.1+esm1 |
=16.04 | ||
All of | ||
ubuntu/heimdal-servers-x | <1.6~git20131207+dfsg-1ubuntu1.2+esm1 | 1.6~git20131207+dfsg-1ubuntu1.2+esm1 |
=14.04 | ||
All of | ||
ubuntu/libgssapi3-heimdal | <1.6~git20131207+dfsg-1ubuntu1.2+esm1 | 1.6~git20131207+dfsg-1ubuntu1.2+esm1 |
=14.04 | ||
All of | ||
ubuntu/heimdal-kcm | <1.6~git20131207+dfsg-1ubuntu1.2+esm1 | 1.6~git20131207+dfsg-1ubuntu1.2+esm1 |
=14.04 | ||
All of | ||
ubuntu/heimdal-kdc | <1.6~git20131207+dfsg-1ubuntu1.2+esm1 | 1.6~git20131207+dfsg-1ubuntu1.2+esm1 |
=14.04 | ||
All of | ||
ubuntu/libkdc2-heimdal | <1.6~git20131207+dfsg-1ubuntu1.2+esm1 | 1.6~git20131207+dfsg-1ubuntu1.2+esm1 |
=14.04 | ||
All of | ||
ubuntu/heimdal-servers | <1.6~git20131207+dfsg-1ubuntu1.2+esm1 | 1.6~git20131207+dfsg-1ubuntu1.2+esm1 |
=14.04 | ||
All of | ||
ubuntu/heimdal-clients-x | <1.6~git20131207+dfsg-1ubuntu1.2+esm1 | 1.6~git20131207+dfsg-1ubuntu1.2+esm1 |
=14.04 | ||
All of | ||
ubuntu/libkrb5-26-heimdal | <1.6~git20131207+dfsg-1ubuntu1.2+esm1 | 1.6~git20131207+dfsg-1ubuntu1.2+esm1 |
=14.04 | ||
All of | ||
ubuntu/heimdal-clients | <1.6~git20131207+dfsg-1ubuntu1.2+esm1 | 1.6~git20131207+dfsg-1ubuntu1.2+esm1 |
=14.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Contains the following vulnerabilities)