Vulnerability CVE-2017-6594


Published: 2017-08-28

Description:
The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath policy protection mechanism by leveraging failure to add the previous hop realm to the transit path of issued tickets.

Type: CWE-295 (Certificate Issues)

Vendor: H5L
Product: Heimdal
Version: 7.2.0
Vendor: Opensuse project
Product: LEAP
Version: 42.3; 42.2
Vendor: Opensuse
Product: LEAP
Version: 42.2

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVSS Base Score: 5/10
Impact Subscore: 2.9/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: Not required
Confidentiality impact: None
Integrity impact: Partial
Availability impact: None

References:
http://lists.opensuse.org/opensuse-updates/2017-08/msg00062.html
http://www.h5l.org/advisories.html?show=2017-04-13
https://github.com/heimdal/heimdal/commit/b1e699103f08d6a0ca46a122193c9da65f6cf837
https://github.com/heimdal/heimdal/releases/tag/heimdal-7.3.0


Copyright 2019, cxsecurity.com

 
