A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2023-01-12T00:00:00
Updated: 2024-08-03T01:07:06.624Z
Reserved: 2022-10-10T00:00:00
Link: CVE-2022-3437
Vulnrichment
Updated: 2024-08-03T01:07:06.624Z
NVD
Status : Modified
Published: 2023-01-12T15:15:10.083
Modified: 2024-04-22T16:15:12.370
Link: CVE-2022-3437
Redhat