
Heap-based Buffer Overflow


Severity Medium
Score 6.5/10


A Heap-based Buffer Overflow vulnerability was found in Samba versions 3.4.0pre1 prior to 4.15.11, 4.16.x prior to 4.16.6, and 4.17.x prior to 4.17.2 within the GSSAPI "unwrap_des()" and "unwrap_des3()" routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on "malloc()" allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application, possibly resulting in a denial of service (DoS) attack. Heimdal before 7.7.1 also has a similar bug.

  • LOW
  • NONE
  • NONE
  • LOW
  • NONE
  • HIGH

CWE-122 - Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
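The kind of length validation whose absence lets an undersized packet corrupt a malloc() buffer, shown as an added example that is not Heimdal's or Samba's code. The token layout (8-byte header, payload, trailing padding bytes that each hold the pad count), the constants and the name `unwrap_token` are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Assumed layout, for illustration only (not Heimdal's real token format):
 * [HDR_LEN header bytes][payload][1..PAD_MAX padding bytes, each = pad count] */
#define HDR_LEN 8u
#define PAD_MAX 8u

/* Returns 0 and a malloc()ed payload on success, -1 on a malformed token. */
int unwrap_token(const uint8_t *in, size_t in_len, uint8_t **out, size_t *out_len)
{
    *out = NULL;
    *out_len = 0;

    /* Check 1: the token must hold the header plus at least one padding
     * byte. Without this, in_len - HDR_LEN wraps around in size_t
     * arithmetic and every length derived from it is wrong. */
    if (in == NULL || in_len < HDR_LEN + 1)
        return -1;

    size_t body_len = in_len - HDR_LEN;
    uint8_t pad = in[in_len - 1];

    /* Check 2: the pad count comes from the packet, so bound it by the
     * format's maximum and by the bytes actually present. */
    if (pad == 0 || pad > PAD_MAX || pad > body_len)
        return -1;

    /* Check 3: every padding byte must carry the same count. */
    for (size_t i = 0; i < pad; i++)
        if (in[in_len - 1 - i] != pad)
            return -1;

    size_t payload_len = body_len - pad;
    uint8_t *buf = malloc(payload_len ? payload_len : 1);
    if (buf == NULL)
        return -1;

    /* Safe: payload_len <= in_len - HDR_LEN was established above. */
    memcpy(buf, in + HDR_LEN, payload_len);
    *out = buf;
    *out_len = payload_len;
    return 0;
}
```

The caller owns the returned buffer and must `free()` it; on any `-1` return, `*out` is `NULL` and nothing was allocated.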

Advisory Timeline

  • Published