ID

VAR-200505-0163

CVE

CVE-2005-0469

TITLE

Multiple Telnet clients fail to properly handle the "LINEMODE" SLC suboption

DESCRIPTION

Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands. Multiple Telnet clients contain a data length validation flaw which may allow a server to induce arbitrary code execution on the client host. A remote buffer-overflow vulnerability affects multiple vendors' Telnet client. This issue is due to the application's failure to properly validate the length of user-supplied strings before copying them into static process buffers. An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application. This may facilitate unauthorized access or privilege escalation. ---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: Sun SEAM Telnet Client Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA15030 VERIFY ADVISORY: http://secunia.com/advisories/15030/ CRITICAL: Moderately critical IMPACT: System access WHERE: >From remote SOFTWARE: Sun SEAM 1.x http://secunia.com/product/1006/ DESCRIPTION: Sun has acknowledged some vulnerabilities in SEAM, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA14745 SOLUTION: The vendor suggests removing the execute permissions from "/usr/krb5/bin/telnet". ORIGINAL ADVISORY: Sun Microsystems: http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1 OTHER REFERENCES: SA14745: http://secunia.com/advisories/14745/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . Heimdal, a free implementation of Kerberos 5, also contains such a client. This can lead to the execution of arbitrary code when connected to a malicious server. For the old stable distribution (woody) this problem has been fixed in version 0.4e-7.woody.11. For the stable distribution (sarge) this problem has been fixed in version 0.6.3-10. For the unstable distribution (sid) this problem has been fixed in version 0.6.3-10. We recommend that you upgrade your heimdal package. Upgrade Instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e-7.woody.11.dsc Size/MD5 checksum: 1065 8fc37ea432a8120da0f370b0b2c9125b http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e-7.woody.11.diff.gz Size/MD5 checksum: 1295043 b27c9a952ed6a53698d654b2dbca9b52 http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e.orig.tar.gz Size/MD5 checksum: 2885718 1d27b06ec2f818f5b4ae2b90ca0e9cb8 Architecture independent components: http://security.debian.org/pool/updates/main/h/heimdal/heimdal-docs_0.4e-7.woody.11_all.deb Size/MD5 checksum: 1056336 e6f819c78b38e6c9b854104879a82a76 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-lib_0.4e-7.woody.11_all.deb Size/MD5 checksum: 20298 630b472eea6aef8b53ed678ebd6d9676 Alpha architecture: http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_alpha.deb Size/MD5 checksum: 275276 12437fc71585df2debc30260d44881ae http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_alpha.deb Size/MD5 checksum: 61016 e28f3db25cf9fced15d07c9843d0bb7f http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_alpha.deb Size/MD5 checksum: 573726 fcd82b8d22e86f0f67b188e5a182aad9 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_alpha.deb Size/MD5 checksum: 135164 67d1f00e15b893fbd7f1a0009eb9047c http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_alpha.deb Size/MD5 checksum: 181834 7860ca01ee394b8200487356546fe94e http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_alpha.deb Size/MD5 checksum: 39864 f631f57c94a0554e3daa62b6f3029999 http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_alpha.deb Size/MD5 checksum: 65534 6b3fa215d70b35e71ec21545d3db48db http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_alpha.deb Size/MD5 checksum: 23892 fc3c8e707764634638083acb5b4b6312 http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_alpha.deb Size/MD5 checksum: 43368 269a6e04b6e7db823a237b7af6812eb3 http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_alpha.deb Size/MD5 checksum: 41880 0e9ca330caa8ae710f8594d156065e0c http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_alpha.deb Size/MD5 checksum: 33922 2d774846eed21710c9c9cf19e9af2cf8 http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_alpha.deb Size/MD5 checksum: 44744 d154ba1ed49d1458ee2707d021d1e8b8 http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_alpha.deb Size/MD5 checksum: 31484 d22c13f1da35553ba942274dec958959 http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_alpha.deb Size/MD5 checksum: 134054 3261ce8e03209f64748d4e05fcf47bc3 http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_alpha.deb Size/MD5 checksum: 65944 5a5aeea7b73b37b3604d9d3d43991881 http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_alpha.deb Size/MD5 checksum: 59356 80c67e5e8bba2ffeaad753a6dd5173be http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_alpha.deb Size/MD5 checksum: 28538 700352c1de8dd30a37f95da03d5ad9ce http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_alpha.deb Size/MD5 checksum: 29424 91458eb256f4d7b446f8d3899f751193 ARM architecture: http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_arm.deb Size/MD5 checksum: 227174 8ab44db32ee205256ca597197eff9427 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_arm.deb Size/MD5 checksum: 53968 ca664151450031013a9bfb0dd5fb32af http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_arm.deb Size/MD5 checksum: 441598 25127b23b893ba6515cbb9be7dee0ebd http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_arm.deb Size/MD5 checksum: 110266 ec3cde13087c74757744ca9bfebe00d5 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_arm.deb Size/MD5 checksum: 148006 ee02412bfd96d484a147e5e8c06f40ee http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_arm.deb Size/MD5 checksum: 35538 aa3e74b814fcdb1abb401f11eb8842e1 http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_arm.deb Size/MD5 checksum: 57216 4081aad0b651d131f3424980879bc861 http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_arm.deb Size/MD5 checksum: 23412 03b68670c37f4a4cc8fee59f4023e903 http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_arm.deb Size/MD5 checksum: 38594 7a3315d21fdf7c3854bba5e17bca1e11 http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_arm.deb Size/MD5 checksum: 38298 0f16402f3694c2bb1d4cc4450df540e4 http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_arm.deb Size/MD5 checksum: 31850 3e1bd368481f666f6d7b2ec2dc4ed912 http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_arm.deb Size/MD5 checksum: 40000 024228d74f0a589c73e31688cbb9f3e1 http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_arm.deb Size/MD5 checksum: 29842 9e7ef427e9d3fd277ca8448d3078a2b6 http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_arm.deb Size/MD5 checksum: 112472 3fc814c80adaaace125166bd8cd013d3 http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_arm.deb Size/MD5 checksum: 51960 b48f25ea15d3e65d6444ce5960213d32 http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_arm.deb Size/MD5 checksum: 53414 fdd7b63f63ffea2ef5e4574528419baf http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_arm.deb Size/MD5 checksum: 28918 a15c818745634dee06c40610b66a92f6 http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_arm.deb Size/MD5 checksum: 29636 e97a487116f2367299decb51cccc098f Intel IA-32 architecture: http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_i386.deb Size/MD5 checksum: 219936 7cd4a7ae4c56f3a1a4700fea756b62c3 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_i386.deb Size/MD5 checksum: 52704 a64eea9e99a5dffeb211167f2edfac7b http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_i386.deb Size/MD5 checksum: 405344 d5d263dba7f36d95ac5344d750abd1f0 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_i386.deb Size/MD5 checksum: 109934 37fab8f1c45a897a7a063641133789d5 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_i386.deb Size/MD5 checksum: 144312 21570cc9e367ab0ccb89a011a56b2177 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_i386.deb Size/MD5 checksum: 35670 039764b15c3a1e18703cc1fa2773c97e http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_i386.deb Size/MD5 checksum: 59842 4a1a98a52cbc2d86d4c5adf088bec1e3 http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_i386.deb Size/MD5 checksum: 23304 ad9ed998a1ae50e6dd5368c07ed5db7d http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_i386.deb Size/MD5 checksum: 38682 5170e1500eba0b17baedc95e6e763063 http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_i386.deb Size/MD5 checksum: 38612 425b8857ddb2105a6d2ec9399eeeef4e http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_i386.deb Size/MD5 checksum: 32068 6cb760663c089906b9c8cc89c1395f34 http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_i386.deb Size/MD5 checksum: 40062 9f9d04c843ae164bbdf28b7d1a4ede7f http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_i386.deb Size/MD5 checksum: 29712 a375688e6029d5fae6ae4e3662ed88b1 http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_i386.deb Size/MD5 checksum: 111312 1ea1a0a7b36935fa1d3fbaf508530a94 http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_i386.deb Size/MD5 checksum: 51816 935711339e95322f578622bf3271c4fd http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_i386.deb Size/MD5 checksum: 51696 223796e010ca4be9e927c438ffa921ac http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_i386.deb Size/MD5 checksum: 27500 4b5382836ff3c4f1bdcff2a30e7a97ba http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_i386.deb Size/MD5 checksum: 28222 d4ea500c49786252fbb522d32fb78ee3 Intel IA-64 architecture: http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_ia64.deb Size/MD5 checksum: 335082 762bb44529ac965fafe57a153375f8cf http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_ia64.deb Size/MD5 checksum: 69096 cf9fd237439d89479af7e813447c7ad5 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_ia64.deb Size/MD5 checksum: 613424 efacfc44d5d6bac9227bc6709e52182c http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_ia64.deb Size/MD5 checksum: 154164 ec762443001df7fe29a3a497ad9c14df http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_ia64.deb Size/MD5 checksum: 210540 d4e2c1c65f0a4f1bc1d20ca1348d3972 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_ia64.deb Size/MD5 checksum: 44222 87a27ba41ffc9ad9d5296ba1133ec8cc http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_ia64.deb Size/MD5 checksum: 82102 a1cabba1e3ab285acc9d0ec414ea5d5c http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_ia64.deb Size/MD5 checksum: 24782 996c48ba78eabc7a24c92eea9abf70bc http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_ia64.deb Size/MD5 checksum: 50174 21abd59f30af1574012e6c75d7f7d7e5 http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_ia64.deb Size/MD5 checksum: 48600 b12ccb241bbe65a5acc1009cb41508d8 http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_ia64.deb Size/MD5 checksum: 37744 d881400db00426478c525913366d5dcb http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_ia64.deb Size/MD5 checksum: 52210 81a0014eee08020f7f333f2835d089b8 http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_ia64.deb Size/MD5 checksum: 35256 49820e0275c2f170d50531d0cf4be224 http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_ia64.deb Size/MD5 checksum: 169750 ae2c7d4ccd96a7c495a91bb8272bf872 http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_ia64.deb Size/MD5 checksum: 64900 421ce6b03daf43a5ca9769d95c614a34 http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_ia64.deb Size/MD5 checksum: 68682 a3b21eb50c8757538bc234e948a3e35a http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_ia64.deb Size/MD5 checksum: 30710 9eb38bbec69e72e52581cd355373ced3 http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_ia64.deb Size/MD5 checksum: 31932 e2fbc77b172c6eb54c12461333f00ef1 HP Precision architecture: http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_hppa.deb Size/MD5 checksum: 256874 140bdfc671e9acd9150a6995b247af34 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_hppa.deb Size/MD5 checksum: 57454 caa48211376a98c67e03d068e6fbeb6f http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_hppa.deb Size/MD5 checksum: 516072 ae166665afe33ad8e24ae155e74e7bce http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_hppa.deb Size/MD5 checksum: 119300 8b7fae0ab762cb2522db9b78d8c0d186 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_hppa.deb Size/MD5 checksum: 162998 c4c23fcc53e97f070b5d528eb163af00 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_hppa.deb Size/MD5 checksum: 37784 dbf2fb481981fe63a558447139c5b7bb http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_hppa.deb Size/MD5 checksum: 69388 fbd6ba202c666b7c8b27686fb309f528 http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_hppa.deb Size/MD5 checksum: 23946 96ab72df3ae02e9822a52fa4d0fe08c2 http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_hppa.deb Size/MD5 checksum: 42206 50ce55dbed833c43a58c7b5913249754 http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_hppa.deb Size/MD5 checksum: 43540 8b1c4044113c1021717ef3c5b79686d6 http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_hppa.deb Size/MD5 checksum: 34384 ce7f69712e2af6ec72bbddaaa4a4ed9d http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_hppa.deb Size/MD5 checksum: 45178 2148edf895d480b315fd5236a82af8be http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_hppa.deb Size/MD5 checksum: 32060 966345ea7709602258fefcc66b75c2a3 http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_hppa.deb Size/MD5 checksum: 139936 a1917b6ae317b87749a7ea8b6c68cc96 http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_hppa.deb Size/MD5 checksum: 70198 5350eedbce161c1c2cd09d780a80e8ae http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_hppa.deb Size/MD5 checksum: 60560 722387dd2747e994d49335669ea93449 http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_hppa.deb Size/MD5 checksum: 30790 07abee4e10bd0f2834292aa9aed0351c http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_hppa.deb Size/MD5 checksum: 31656 a2601adf14c97c6339e5eece745b61ed Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_m68k.deb Size/MD5 checksum: 211826 b3a51143513404c3a58869ccdc980352 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_m68k.deb Size/MD5 checksum: 52172 05037589546d7bad9cf0fdc47c9b234a http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_m68k.deb Size/MD5 checksum: 399312 bdec29fdaa096cfb4205448ca30debdf http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_m68k.deb Size/MD5 checksum: 105690 104bd645147011b71b3d4250083df27d http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_m68k.deb Size/MD5 checksum: 138286 5f206db56db8e0c610eb17349f6da5be http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_m68k.deb Size/MD5 checksum: 35156 c55f2924284487b4169a9d52f3b79f18 http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_m68k.deb Size/MD5 checksum: 55500 b0b11055a2b744a20688eda87678f24c http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_m68k.deb Size/MD5 checksum: 23424 3e66bc4d54685e4cbafc1a53dcb7e4cf http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_m68k.deb Size/MD5 checksum: 38200 296ae362e7a9483e866f959ad4a5832b http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_m68k.deb Size/MD5 checksum: 37984 aa745d6da276a877a415fd66a06128d8 http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_m68k.deb Size/MD5 checksum: 31712 9af44dffde45b673760c7991606eb312 http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_m68k.deb Size/MD5 checksum: 39850 606e9fe193e34f3ae1ea864e3a9e21bd http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_m68k.deb Size/MD5 checksum: 29436 ba92cf45fc7bfed068cc3de3d63220ee http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_m68k.deb Size/MD5 checksum: 111036 ade91cc8a12d1d5a3e57e4762a68a060 http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_m68k.deb Size/MD5 checksum: 68726 77f24b45977cb9e3e729ee64d4e3ec4b http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_m68k.deb Size/MD5 checksum: 49958 4967192c48b8ad8bc1f0c0b244635616 http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_m68k.deb Size/MD5 checksum: 27460 883c720bb718cd60dbe9f38c8792c2e0 http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_m68k.deb Size/MD5 checksum: 28192 88b86afb0a2b04da8785c165402d7727 Big endian MIPS architecture: http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_mips.deb Size/MD5 checksum: 248918 005efbd5408a65d580e0c4d8ed8ed80b http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_mips.deb Size/MD5 checksum: 55564 4aa128a89c3f5b8dd3529e89e3d27f37 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_mips.deb Size/MD5 checksum: 505212 d8dda2a0131d90cf29d9e299d28b356b http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_mips.deb Size/MD5 checksum: 114882 5102fbf99e5f52569a22a2c17748a520 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_mips.deb Size/MD5 checksum: 160242 cf112ed81fdf868ab6efb07ef93ac2d7 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_mips.deb Size/MD5 checksum: 37388 6a46e03e6fdbd7e4803ef2fb1370c699 http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_mips.deb Size/MD5 checksum: 58340 086cf69030b957bbe6cd27516f717f29 http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_mips.deb Size/MD5 checksum: 23590 15c7586e6b6cd94e3c3a559e980e5645 http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_mips.deb Size/MD5 checksum: 39534 755f9ee7cd757674e4d569ae01ec9474 http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_mips.deb Size/MD5 checksum: 39014 7199130531d369f8c8bd8178ae66158f http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_mips.deb Size/MD5 checksum: 32122 8d128559a4e7b55a8309c7ded954ea93 http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_mips.deb Size/MD5 checksum: 40734 cd594016cfb45138345f8d19f824d5b2 http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_mips.deb Size/MD5 checksum: 30376 946da152608b5d49ed90edb152946442 http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_mips.deb Size/MD5 checksum: 120610 42e1d7253a98a12279a61bc3b12bfe10 http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_mips.deb Size/MD5 checksum: 57476 f4e2d9e86dc852068faad25bb8e78ca5 http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_mips.deb Size/MD5 checksum: 53346 974a501c32c765c9063ca0b1bf0100b3 http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_mips.deb Size/MD5 checksum: 28520 fa5ce3789529406ce6c62f6fb24e46b2 http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_mips.deb Size/MD5 checksum: 29186 8736a50aa2789aaed507714ebd298240 Little endian MIPS architecture: http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_mipsel.deb Size/MD5 checksum: 248064 8891058ed6fc8826f4bd57d5b8eb26b1 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_mipsel.deb Size/MD5 checksum: 55550 559be15f2dc64fffea360f5281660435 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_mipsel.deb Size/MD5 checksum: 499388 8c838954ef0b75815fc8eedb3fc7559f http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_mipsel.deb Size/MD5 checksum: 114840 5d87f1b1d7dddf6d4087730b810d3d5d http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_mipsel.deb Size/MD5 checksum: 160350 cae061acf36faa4acc76abf8640051f8 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_mipsel.deb Size/MD5 checksum: 37308 b14e3b3f5c4ef1c9bb0615a9c2dace69 http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_mipsel.deb Size/MD5 checksum: 57946 acc5e0cee40880946eb211fb6d395f2c http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_mipsel.deb Size/MD5 checksum: 23590 4b376e0c25d261f8eaa64e8a8bbd3d8c http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_mipsel.deb Size/MD5 checksum: 39220 5c6c245272b4b80fadd56f2248f7861e http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_mipsel.deb Size/MD5 checksum: 38712 e57c37dc5afcb2d09d684b759ac33f77 http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_mipsel.deb Size/MD5 checksum: 32044 dc3622de31025834023b1c2e68ef3246 http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_mipsel.deb Size/MD5 checksum: 40354 9ffa12ee944c9def479add6f18db7dc1 http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_mipsel.deb Size/MD5 checksum: 30352 69ea54f0432371140f802ac1a2e6f1ff http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_mipsel.deb Size/MD5 checksum: 119520 307afbe2f26e9db953abb82c7d305799 http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_mipsel.deb Size/MD5 checksum: 52682 07759311f573f201c3187808f0955b54 http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_mipsel.deb Size/MD5 checksum: 53410 4033254bfa0482ec101e9de313ba5bfd http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_mipsel.deb Size/MD5 checksum: 28588 71be890e75aa25f27cac29437ba3b4cb http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_mipsel.deb Size/MD5 checksum: 29268 8260428b6857d0b2bf127f47d8082f66 PowerPC architecture: http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_powerpc.deb Size/MD5 checksum: 228262 a5c5faca2967096b1a364c13740d32df http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_powerpc.deb Size/MD5 checksum: 53894 552c568c50d62e54a5e96daa2bb87c1c http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_powerpc.deb Size/MD5 checksum: 466526 a50ed6bb5e236c8d6db8243734803ea0 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_powerpc.deb Size/MD5 checksum: 110132 4c947ba0c94cef3629eaa0f7eac8c2a1 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_powerpc.deb Size/MD5 checksum: 149254 722d7ced6894cefd14f68e446af458db http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_powerpc.deb Size/MD5 checksum: 36230 dfbe16f671521b1515c9c8c9265a5342 http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_powerpc.deb Size/MD5 checksum: 57226 cfea58fb03d07ed85d674df21f1c7e7e http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_powerpc.deb Size/MD5 checksum: 23580 7d63a22a980a14030126cfa322243ffc http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_powerpc.deb Size/MD5 checksum: 39364 f6e7d32e6da45f8d5893e1d681eb9788 http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_powerpc.deb Size/MD5 checksum: 38630 1a815e315e9650a39f9c685fa8861846 http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_powerpc.deb Size/MD5 checksum: 31794 b54c265e1578e0f40cc7a683d6b8c742 http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_powerpc.deb Size/MD5 checksum: 40104 7dd0775da038d1b34428efd6bffa4b6c http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_powerpc.deb Size/MD5 checksum: 30246 a7a5c8635a3c1c9b508e8af3dd05d44f http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_powerpc.deb Size/MD5 checksum: 118918 2f21bb221eef3fb8ab9caa3006dae794 http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_powerpc.deb Size/MD5 checksum: 69400 7d1bb7b9e83a7ed9cf53cb5d385e9447 http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_powerpc.deb Size/MD5 checksum: 53826 fe4212f691d675bf1f682d17329c6c5e http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_powerpc.deb Size/MD5 checksum: 28744 0012158f14e5fff7ec9988e2d7939cf6 http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_powerpc.deb Size/MD5 checksum: 29560 58921e138af421a9ea48d7a35b728f01 IBM S/390 architecture: http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_s390.deb Size/MD5 checksum: 235020 45fae34704d01f03b5e0dd716bf91e90 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_s390.deb Size/MD5 checksum: 55710 9cd974e488c7bc3a8430d01fe5dd6ad0 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_s390.deb Size/MD5 checksum: 433342 d6affed884050cffe8776f79ed749897 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_s390.deb Size/MD5 checksum: 116002 7d68b959b4d7897179273c0d795c4a21 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_s390.deb Size/MD5 checksum: 153824 6de2ef670834b0b22cde0888637d81a6 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_s390.deb Size/MD5 checksum: 36982 fc870d47a3a23441cb83452904bed977 http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_s390.deb Size/MD5 checksum: 58358 ccf0873fd87a468e71c2d2745fcc0284 http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_s390.deb Size/MD5 checksum: 23664 6229dd41d0719f3a8b5fbafa81221584 http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_s390.deb Size/MD5 checksum: 41084 ed1f1756f66cfa655b04e77c02308fa3 http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_s390.deb Size/MD5 checksum: 39846 edc6789b94dc803b6e59efb287151162 http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_s390.deb Size/MD5 checksum: 33028 f74bb90f54953af275deadb3a09beedc http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_s390.deb Size/MD5 checksum: 41900 81aa709bde50ea906d512637db5412df http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_s390.deb Size/MD5 checksum: 30394 4055618b16374db57fcbe27264e35f61 http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_s390.deb Size/MD5 checksum: 125432 4e1b2fd68cdb66d210b5860870654a81 http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_s390.deb Size/MD5 checksum: 69554 606b376355b9392208cbba9cd43d6e0a http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_s390.deb Size/MD5 checksum: 54608 a2f3303e3a1bb49e47ed0f68673509b2 http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_s390.deb Size/MD5 checksum: 28688 2df7664e3ff5a1173c62575184c674e8 http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_s390.deb Size/MD5 checksum: 29510 6b28d5ca95a5e09b74989bc1f6f81c14 Sun Sparc architecture: http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_sparc.deb Size/MD5 checksum: 227226 513f1a6c24c6b815470078cc0e2ee72e http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_sparc.deb Size/MD5 checksum: 54026 52d920d2cfcf8e208e3a04afc2983751 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_sparc.deb Size/MD5 checksum: 430544 7819784bedbc84d394ca11ed42c2c9e4 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_sparc.deb Size/MD5 checksum: 107728 c694c5e1d66d5985aaf2bf4eda793ba0 http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_sparc.deb Size/MD5 checksum: 151578 07eb106e95368b5dec91521907398d1d http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_sparc.deb Size/MD5 checksum: 35636 1eab2cc36c7adc947b5e2fa70800e9b8 http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_sparc.deb Size/MD5 checksum: 54854 eb29480cce8645f5bb72f2f2694b2f26 http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_sparc.deb Size/MD5 checksum: 26260 9ddcdbc49b997c4dc903a651e3007877 http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_sparc.deb Size/MD5 checksum: 39100 cf636dca0a94f193f46bcf88db439672 http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_sparc.deb Size/MD5 checksum: 38004 28e82ffa12af5c90df707e686ef29906 http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_sparc.deb Size/MD5 checksum: 31738 c70af19b2e2f73f1359208f0f8ce59b6 http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_sparc.deb Size/MD5 checksum: 39884 cb269f527e83ae03a9b2db051a487fa8 http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_sparc.deb Size/MD5 checksum: 29702 925140a648da199ef7338bf415f605db http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_sparc.deb Size/MD5 checksum: 112400 5c9329c597ca1448ed158e30b4f7895a http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_sparc.deb Size/MD5 checksum: 58340 473a1c45ba02d9c84bb786ee116a46bd http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_sparc.deb Size/MD5 checksum: 55444 0272fc78d38e0c1d3dd7176e412504e2 http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_sparc.deb Size/MD5 checksum: 28256 a33d2dbf32502d3f3caf3917e82c5ffe http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_sparc.deb Size/MD5 checksum: 28954 28a7aed2ab84250549c5e64ac987e00c These files will probably be moved into the stable distribution on its next update. BACKGROUND The TELNET protocol allows virtual network terminals to be connected to over the internet. The initial description of the protocol was given in RFC854 in May 1983. Since then there have been many extra features added including encryption. II. The vulnerability specifically exists in the handling of the LINEMODE suboptions, in that there is no size check made on the output, which is stored in a fixed length buffer. III. It may be possible to automatically launch the telnet command from a webpage, for example: <html><body> <iframe src='telnet://malicious.server/'> </body> On opening this page the telnet client may be launched and attempt to connect to the host 'malicious.server'. IV. DETECTION iDEFENSE has confirmed the existence of the vulnerability in the telnet client included in the Kerberos V5 Release 1.3.6 package and the client included in the SUNWtnetc package of Solaris 5.9. V. WORKAROUND iDEFENSE is currently unaware of any effective workarounds for this vulnerability. VI. VENDOR RESPONSE The following vendors have provided official responses related to this vulnerability. Other vendors may be affected but have not provided an official response. Vulnerable: - ALT Linux All supported ALT Linux distributions include telnet client derived from OpenBSD 3.0. Updated packages with fixes for these issues will be released on March 28, 2005. http://lists.altlinux.ru/pipermail/security-announce/2005-March/000287.html - Apple Computer, Inc. Component: Telnet Available for: Mac OS X 10.3.8, Mac OS X Server 10.3.8 This is fixed in Security Update 2005-003, which is available at http://docs.info.apple.com/article.html?artnum=61798 - FreeBSD FreeBSD-SA-05:01.telnet security advisory: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:01.telnet.asc - MIT (Kerberos) This vulnerability is covered in the following upcoming advisory: MITKRB5-SA-2005-001: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-001-telnet.txt patch against krb5-1.4: http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt - Openwall Project The bugs are fixed starting with telnet package version 3.0-owl2. http://www.openwall.com/Owl/CHANGES-current.shtml - Red Hat, Inc. Red Hat Enterprise Linux ships with telnet and krb5 packages vulnerable to this issue. New telnet and krb5 packages are now available along with our advisory at the URLs below and by using the Red Hat Network 'up2date' tool. Red Hat Enterprise Linux - telnet http://rhn.redhat.com/errata/RHSA-2005-330.html Red Hat Enterprise Linux - krb5 http://rhn.redhat.com/errata/RHSA-2005-327.html - Sun Microsystems Inc. Sun confirms that the telnet(1) vulnerabilities do affect all currently supported versions of Solaris: Solaris 7, 8, 9 and 10 Sun has released a Sun Alert which describes a workaround until patches are available at: http://sunsolve.sun.com Sun Alert #57755 The Sun Alert will be updated with the patch information once it becomes available. Sun patches are available from: http://sunsolve.sun.com/securitypatch Not Vulnerable: - CyberSafe Limited The CyberSafe TrustBroker products, version 3.0 or later, are not vulnerable. - Hewlett-Packard Development Company, L.P. HP-UX and HP Tru64 UNIX are not vulnerable. - InterSoft International, Inc. InterSoft International, Inc. products NetTerm, SecureNetTerm and SNetTerm are not affected by the slc_add_reply() buffer overflow conditions. VII. CVE INFORMATION The Common Vulnerabilities and Exposures (CVE) project has assigned the names CAN-2005-0469 to these issues. This is a candidate for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems. VIII. DISCLOSURE TIMELINE 02/18/2005 Initial vendor notification 03/28/2005 Coordinated public disclosure IX. CREDIT Ga\xebl Delalleau credited with this discovery. Get paid for vulnerability research http://www.idefense.com/poi/teams/vcp.jsp Free tools, research and upcoming events http://labs.idefense.com X. LEGAL NOTICES Copyright \xa9 2005 iDEFENSE, Inc. Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDEFENSE. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please email customerservice@idefense.com for permission. Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information. This is a multi-part message in MIME format. Background ========== netkit-telnetd provides standard Linux telnet client and server. Workaround ========== There is no known workaround at this time. Resolution ========== All netkit-telnetd users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/netkit-telnetd-0.17-r6" References ========== [ 1 ] CAN-2005-0469 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469 [ 2 ] iDEFENSE Advisory 03-28-05 http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200503-36.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org. License ======= Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.0 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SCO Security Advisory Subject: UnixWare 7.1.4 UnixWare 7.1.3 UnixWare 7.1.1 : telnet client multiple issues Advisory number: SCOSA-2005.21 Issue date: 2005 April 08 Cross reference: sr893210 fz531446 erg712801 CAN-2005-0469 CAN-2005-0468 ______________________________________________________________________________ 1. 2. Vulnerable Supported Versions System Binaries ---------------------------------------------------------------------- UnixWare 7.1.4 /usr/bin/telnet UnixWare 7.1.3 /usr/bin/telnet UnixWare 7.1.1 /usr/bin/telnet 3. Solution The proper solution is to install the latest packages. 4. UnixWare 7.1.4 4.1 Location of Fixed Binaries ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.21 4.2 Verification MD5 (erg712801.714.pkg.Z) = bf53673ea12a1c25e3606a5b879adbc4 md5 is available for download from ftp://ftp.sco.com/pub/security/tools 4.3 Installing Fixed Binaries Upgrade the affected binaries with the following sequence: Download erg712801.714.pkg.Z to the /var/spool/pkg directory # uncompress /var/spool/pkg/erg712801.714.pkg.Z # pkgadd -d /var/spool/pkg/erg712801.714.pkg 5. UnixWare 7.1.3 5.1 Location of Fixed Binaries ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.21 5.2 Verification MD5 (erg712801.713.pkg.Z) = e876b261afbecb41c18c26d6ec11e71d md5 is available for download from ftp://ftp.sco.com/pub/security/tools 5.3 Installing Fixed Binaries Upgrade the affected binaries with the following sequence: Download erg712801.713.pkg.Z to the /var/spool/pkg directory # uncompress /var/spool/pkg/erg712801.713.pkg.Z # pkgadd -d /var/spool/pkg/erg712801.713.pkg 6. UnixWare 7.1.1 6.1 Location of Fixed Binaries ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.21 6.2 Verification MD5 (erg712801.711.pkg.Z) = f3099416a793c1f731bc7e377fe0e4a2 md5 is available for download from ftp://ftp.sco.com/pub/security/tools 6.3 Installing Fixed Binaries Upgrade the affected binaries with the following sequence: Download erg712801.711.pkg.Z to the /var/spool/pkg directory # uncompress /var/spool/pkg/erg712801.711.pkg.Z # pkgadd -d /var/spool/pkg/erg712801.711.pkg 7. References Specific references for this advisory: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0468 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469 http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities SCO security resources: http://www.sco.com/support/security/index.html SCO security advisories via email http://www.sco.com/support/forums/security.html This security fix closes SCO incidents sr893210 fz531446 erg712801. 8. Disclaimer SCO is not responsible for the misuse of any of the information we provide on this website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of SCO products. 9. Acknowledgments SCO would like to thank Gal Delalleau and iDEFENSE ______________________________________________________________________________ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (SCO/SYSV) iD8DBQFCVtn4aqoBO7ipriERAkZbAJ9qiuR3M89tJWzyJ3K7Q5NbBRTvMgCfdeFY JmJIo8zz/ppyCI4EQ5UY9jA= =8sOq -----END PGP SIGNATURE-----

AFFECTED PRODUCTS