CVE-2004-0371

Published May 4, 2004

Last updated 7 years ago

CVSS info 5.0

Overview

Description: Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:kth:heimdal:0.4a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "10627869-B21D-4EC6-B574-D6433D169940"
          },
          {
            "criteria": "cpe:2.3:a:kth:heimdal:0.4b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "81AA2047-51E1-4D8C-B6CA-B2DB05D37480"
          },
          {
            "criteria": "cpe:2.3:a:kth:heimdal:0.4c:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "434B4406-0B3A-4E7A-94D7-9E9ED63D7101"
          },
          {
            "criteria": "cpe:2.3:a:kth:heimdal:0.4d:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C752AE86-36DE-47C9-8AA6-2242918228B5"
          },
          {
            "criteria": "cpe:2.3:a:kth:heimdal:0.4e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D034C52F-7D52-427B-A803-97ABD587306D"
          },
          {
            "criteria": "cpe:2.3:a:kth:heimdal:0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "449DDE8E-2C1D-423B-B66F-64DDFB1A61F5"
          },
          {
            "criteria": "cpe:2.3:a:kth:heimdal:0.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9FBB280F-FD42-4B0F-9E40-2E21AB76EFAC"
          },
          {
            "criteria": "cpe:2.3:a:kth:heimdal:0.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7C97EBE9-0A39-4EFE-B95C-C7813CE68389"
          },
          {
            "criteria": "cpe:2.3:a:kth:heimdal:0.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5803F2FB-7C3D-40E9-BC30-DC66A7A600F8"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References