CVE-2002-1225

Description

Multiple buffer overflows in Heimdal before 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote attackers to gain root access.

How to fix CVE-2002-1225

To remediate CVE-2002-1225, upgrade the affected package to a fixed version below.

• Debian/heimdal—upgrade to 0.4e-21 or later
• Debian/heimdal—upgrade to 0.4e-7.woody.4 or later

Is CVE-2002-1225 being exploited?

Low — EPSS is 1.5%, meaning exploitation activity has not been observed at scale.

Affected packages (2)

• from 0, < 0.4e-21
• from 0, < 0.4e-7.woody.4

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2002-1225