Re: [SECURITY] [DSA 765-1] New heimdal packages fix arbitrary code execution
joey@infodrom.org (Martin Schulze) writes:
> --------------------------------------------------------------------------
> Debian Security Advisory DSA 765-1 security@debian.org
> http://www.debian.org/security/ Martin Schulze
> July 22nd, 2005 http://www.debian.org/security/faq
> --------------------------------------------------------------------------
>
> Package : heimdal
> Vulnerability : buffer overflow
> Problem-Type : remote
> Debian-specific: no
> CVE ID : CAN-2005-0469
> CERT advisory : VU#291924
> Debian Bug : 305574
>
> Gaël Delalleau discovered a buffer overflow in the handling of the
> LINEMODE suboptions in telnet clients. Heimdal, a free implementation
> of Kerberos 5, also contains such a client. This can lead to the
> execution of arbitrary code when connected to a malicious server.
>
> For the old stable distribution (woody) this problem has been fixed in
> version 0.4e-7.woody.11.
>
> For the stable distribution (sarge) this problem has been fixed in
> version 0.6.3-10.
Huh? DSA 758 says that a buffer overflow in the telnet _server_ was
fixed in sarge by version 0.6.3-10sarge1. I would think that either
0.6.3-10sarge1 is not affected or that 0.6.3-10sarge2 is needed.
> For the unstable distribution (sid) this problem has been fixed in
> version 0.6.3-10.
Similar story here, I'd say.
> We recommend that you upgrade your heimdal package.
>
> [snip]
--
Olaf Meeuwissen EPSON AVASYS Corporation, LAN
FSF Associate Member #1962 sign up at http://member.fsf.org/
GnuPG key: 6BE37D90/AB6B 0D1F 99E7 1BF5 EB97 976A 16C7 F27D 6BE3 7D90
Penguin's lib! -- I hack, therefore I am -- LPIC-2
Reply to: