CVE-2017-6594
See a problem?- Source
- https://nvd.nist.gov/vuln/detail/CVE-2017-6594
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-6594.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2017-6594
- Related
- Published
- 2017-08-28T19:29:01Z
- Modified
- 2024-09-18T02:50:23.333473Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
- Summary
- [none]
- Details
-
The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath policy protection mechanism by leveraging failure to add the previous hop realm to the transit path of issued tickets.
- References
-
- http://www.h5l.org/advisories.html?show=2017-04-13
- https://github.com/heimdal/heimdal/commit/b1e699103f08d6a0ca46a122193c9da65f6cf837
- https://github.com/heimdal/heimdal/releases/tag/heimdal-7.3.0
- http://lists.opensuse.org/opensuse-updates/2017-08/msg00062.html
- https://security-tracker.debian.org/tracker/CVE-2017-6594
Affected packages
Debian:11 / heimdal
Package
- Name
- heimdal
- Purl
- pkg:deb/debian/heimdal?arch=source
Debian:12 / heimdal
Package
- Name
- heimdal
- Purl
- pkg:deb/debian/heimdal?arch=source
Debian:13 / heimdal
Package
- Name
- heimdal
- Purl
- pkg:deb/debian/heimdal?arch=source
Git / github.com/heimdal/heimdal
Affected ranges
- Type
- GIT
- Repo
- https://github.com/heimdal/heimdal
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
Other
git2svn-syncpoint-master
switch-from-svn-to-git
heimdal-1.*
heimdal-1.3.0pre1
heimdal-1.3.0pre10
heimdal-1.3.0pre11
heimdal-1.3.0pre3
heimdal-1.3.0pre4
heimdal-1.3.0pre5
heimdal-1.3.0pre6
heimdal-1.3.0pre7
heimdal-1.3.0pre8
heimdal-1.3.0pre9
heimdal-1.3.0rc1
heimdal-1.5pre1
heimdal-1.5pre2
upstream-1.*
upstream-1.4.0+git20101228.dfsg.1
upstream-1.4.0+git20110220.dfsg.1