Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0371

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-0371
Last Modified 10 Sep 2008 03:25:59
Published 04 May 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0371

Summary

Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path.

Vulnerable Systems

Application

  • Kth Heimdal 0.4a

  • Kth Heimdal 0.4b

  • Kth Heimdal 0.4c

  • Kth Heimdal 0.4d

  • Kth Heimdal 0.4e

  • Kth Heimdal 0.5

  • Kth Heimdal 0.5.1

  • Kth Heimdal 0.5.2

  • Kth Heimdal 0.6.0


References

XF - heimdal-cross-realm-spoofing(15701)

DEBIAN - DSA-476

CONFIRM - http://www.pdc.kth.se/heimdal/advisory/2004-04-01/

GENTOO - GLSA-200404-09

OPENBSD - 20040530 009: SECURITY FIX: May 30, 2004

FREEBSD - FreeBSD-SA-04:08


Last Updated: 27 May 2016 10:38:34