[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA 765-1] New heimdal packages fix arbitrary code execution



Moritz Muehlenhoff <jmm@inutil.org> writes:

> In gmane.linux.debian.devel.security, you wrote:
>>> Package        : heimdal
>>> Vulnerability  : buffer overflow
>>> Problem-Type   : remote
>>> Debian-specific: no
>>> CVE ID         : CAN-2005-0469
>
>>> Gaël Delalleau discovered a buffer overflow in the handling of the
>>> LINEMODE suboptions in telnet clients.  Heimdal, a free implementation
>>> of Kerberos 5, also contains such a client.  This can lead to the
>>> execution of arbitrary code when connected to a malicious server.
>>
>> Huh?  DSA 758 says that a buffer overflow in the telnet _server_ was
>> fixed in sarge by version 0.6.3-10sarge1.  I would think that either
>> 0.6.3-10sarge1 is not affected or that 0.6.3-10sarge2 is needed.
>
> This is the heimdal equivalent to the MIT Kerberos fix from DSA-703.

That is not really my point.  DSA 758 made 0.6.3-10sarge1 the newest
version for sarge.  Now DSA 765 claims that 0.6.3-10 fixes another
problem.  My point is that this version is *not* newer than the
version introduced by DSA 758 so the various package managers will not
pick it up.
-- 
Olaf Meeuwissen                          EPSON AVASYS Corporation, LAN
FSF Associate Member #1962           sign up at http://member.fsf.org/
GnuPG key: 6BE37D90/AB6B 0D1F 99E7 1BF5 EB97  976A 16C7 F27D 6BE3 7D90
Penguin's lib!       -- I hack, therefore I am --               LPIC-2



Reply to: