The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath policy protection mechanism: when issuing tickets, the KDC fails to add the previous hop realm to the ticket's transit path, so later checks of the transit path against the capath policy do not see that realm.
[
{
"signature_type": "Function",
"digest": {
"function_hash": "270238562784984867584632901616162288360",
"length": 6359.0
},
"target": {
"file": "kdc/krb5tgs.c",
"function": "tgs_make_reply"
},
"source": "https://github.com/heimdal/heimdal/commit/b1e699103f08d6a0ca46a122193c9da65f6cf837",
"id": "CVE-2017-6594-a768238d",
"deprecated": false,
"signature_version": "v1"
},
{
"signature_type": "Function",
"digest": {
"function_hash": "305022542824129016834200220310623900651",
"length": 16805.0
},
"target": {
"file": "kdc/krb5tgs.c",
"function": "tgs_build_reply"
},
"source": "https://github.com/heimdal/heimdal/commit/b1e699103f08d6a0ca46a122193c9da65f6cf837",
"id": "CVE-2017-6594-e9984013",
"deprecated": false,
"signature_version": "v1"
},
{
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"198393109441526925492806710884896915895",
"193198016268089982154047290234061457923",
"256300685901101071979731921024938987275",
"183715295914950232048519498365468716072",
"165692208357131289791457558362817017545",
"188863839268074315153191233273064338369",
"335580149951430019058437415557590538536",
"334917830873247331976381154459794066000",
"177924951166548806478344687584020217908",
"153299739250229614167617667876376557893",
"84265815331005270073039962125566638586",
"105502795374259753590934452742323092629",
"123013933675658844737198371296028143512",
"82066128683412745065137566045503026864",
"261292193795307544534949030580026777853",
"64111570154886694325493333109515886997",
"171780142670357872485095432955078437132",
"321333544137875615745871679586554424570",
"67756729216022336413590670817910045499",
"234390348100649634405377105554198074169",
"276729440000952003935074591877305356590"
]
},
"target": {
"file": "kdc/krb5tgs.c"
},
"source": "https://github.com/heimdal/heimdal/commit/b1e699103f08d6a0ca46a122193c9da65f6cf837",
"id": "CVE-2017-6594-fec21090",
"deprecated": false,
"signature_version": "v1"
}
]