Heimdal cross-realm spoofing

heimdal-cross-realm-spoofing (15701) The risk level is classified as MediumMedium Risk

Description:

Heimdal is vulnerable to session spoofing, caused by the improper validation of cross-realm requests. A remote attacker, in control of a realm, could spoof another user within the cross-realm trust path.


Consequences:

Gain Access

Remedy:

Upgrade to the latest version of Heimdal (0.6.1 or 0.5.3 or later), available from the Heimdal Web page. See References.

For Debian/GNU Linux 3.0 (woody):
Upgrade to the latest heimdal package (0.4e-7.woody.8.1 or later), as listed in DSA-476-1. See References.

For Gentoo Linux:
Upgrade to the latest version of heimdal (0.6.1 or later), as listed in GLSA 200404-09. See References.

For FreeBSD:
Upgrade to the latest version of FreeBSD (4-STABLE, or RELENG_5_2, RELENG_4_9, or RELENG_4_8 security branch dated later than 2004-05-05), as listed in FreeBSD Security Advisory FreeBSD-SA-04:08.heimdal. See References.

— OR —

Apply the patch for this vulnerability, as listed in FreeBSD Security Advisory FreeBSD-SA-04:08.heimdal. See References.

For other distributions:
Contact your vendor for upgrade or patch information.

References:

Platforms Affected:

  • Debian Debian Linux 3.0
  • FreeBSD FreeBSD 4.0
  • FreeBSD FreeBSD 5.0
  • Gentoo Linux
  • Heimdal Developers Heimdal prior to 0.5.3
  • Heimdal Developers Heimdal prior to 0.6.1

Reported:

Apr 01, 2004

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page