← Back

CVE-2004-0371

nvd nist
Published: May 4, 2004Modified: Apr 16, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:N/I:P/A:N
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path.

Affected (9)

Products: Kth: Heimdal
Kth
1 product
Heimdal
Configuration A
9 vulnerable
Vulnerable SoftwareAffected Versions
Kth
Heimdal
Version 0.4a
Heimdal
Version 0.4b
Heimdal
Version 0.4c
Heimdal
Version 0.4d
Heimdal
Version 0.4e
Heimdal
Version 0.5.1
Heimdal
Version 0.5.2
Heimdal
Version 0.5
Heimdal
Version 0.6.0

References (12)

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:08.heimdal.asc (unsafe URL)
Source: cve@mitre.org
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/009_kerberos.patch (unsafe URL)
Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:08.heimdal.asc (unsafe URL)
Source: af854a3a-2127-422b-91ae-364da2661108
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/009_kerberos.patch (unsafe URL)
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.