Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC).
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HHeimdal Project Heimdal
APPHeimdal Project< 7.7.1Samba
APPSamba4.15.0 – 4.15.3 (bez)4.16.0 – 4.16.8 (bez)4.17.0 – 4.17.4 (bez)
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
RCE
Powiązane podatności
CVE-2017-7494CRITICAL9.8⚠ KEVten sam produkt
Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerabi...
CVE-2026-4408CRITICAL9.0PL ✓ten sam produkt
Samba: RCE przez command injection w 'check password script' z podstawieniem %u
CVE-2026-4480CRITICAL9.0PL ✓ten sam produkt
Samba: command injection w podsystemie drukowania przez podstawienie %J
CVE-2023-3961CRITICAL9.1ten sam produkt
A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix do...
CVE-2022-45141CRITICAL9.8ten sam produkt
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2...