| Vulnerability Name: | CVE-2002-1226 (CCN-11565) |
| Assigned: | 2002-09-17 |
| Published: | 2002-09-17 |
| Updated: | 2016-10-18 |
| Summary: | Unknown vulnerabilities in Heimdal before 0.5 with unknown impact, possibly in the (1) kadmind and (2) kdc servers, may allow remote or local attackers to gain root or other access, but not via buffer overflows (CVE-2002-1225).
|
| CVSS v3 Severity: | 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)| Exploitability Metrics: | Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None | | Scope: | Scope (S): Changed
| | Impact Metrics: | Confidentiality (C): High
Integrity (I): High
Availibility (A): High |
|
| CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)| Exploitability Metrics: | Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None | | Impact Metrics: | Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete |
7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)| Exploitability Metrics: | Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
| | Impact Metrics: | Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete |
|
| Vulnerability Type: | CWE-Other
|
| Vulnerability Consequences: | File Manipulation |
| References: | Source: CCN
Type: NetBSD Security Advisory 2002-018
Multiple security isses with kfd daemon
Source: CCN
Type: Gentoo Linux Security Announcement 2002-10-14 15:30 UTC
heimdal
Source: MITRE
Type: CNA
CVE-2002-1226
Source: SUSE
Type: UNKNOWN
SuSE-SA:2002:034
Source: BUGTRAQ
Type: UNKNOWN
20021014 GLSA: heimdal
Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-178
Source: DEBIAN
Type: DSA-178
heimdal -- remote command execution
Source: CCN
Type: OSVDB ID: 5617
Heimdal Kerberos kadmind Multiple Unspecified Issues
Source: CCN
Type: Heimdal Web page
Heimdal
Source: CCN
Type: BID-5729
Heimdal Kerberos Forwarding Daemon File Overwriting Vulnerability
Source: XF
Type: UNKNOWN
heimdal-kf-kfd-modify-files(11565)
|
| Vulnerable Configuration: | Configuration 1:
cpe:/a:kth:heimdal:0.3e:*:*:*:*:*:*:*OR cpe:/a:kth:heimdal:0.4a:*:*:*:*:*:*:*OR cpe:/a:kth:heimdal:0.4b:*:*:*:*:*:*:*OR cpe:/a:kth:heimdal:0.4c:*:*:*:*:*:*:*OR cpe:/a:kth:heimdal:0.4d:*:*:*:*:*:*:*OR cpe:/a:kth:heimdal:0.4e:*:*:*:*:*:*:*
Configuration CCN 1:
cpe:/o:debian:debian_linux:2.2:*:*:*:*:*:*:*OR cpe:/o:suse:suse_linux:7.2:*:*:*:*:*:*:*OR cpe:/o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*OR cpe:/o:suse:suse_linux:7.3:*:*:*:*:*:*:*OR cpe:/o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*OR cpe:/a:suse:suse_email_server:iii:*:*:*:*:*:*:*OR cpe:/a:suse:suse_linux_connectivity_server:*:*:*:*:*:*:*:*OR cpe:/o:suse:suse_linux:8.0:*:*:*:*:*:*:*OR cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*OR cpe:/a:suse:suse_linux_office_server:*:*:*:*:*:*:*:*OR cpe:/o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*OR cpe:/o:netbsd:netbsd:1.6:*:*:*:*:*:*:*OR cpe:/o:netbsd:netbsd:current:*:*:*:*:*:*:*
 Denotes that component is vulnerable |
| Oval Definitions |
|
| BACK |