|
Bugzilla – Full Text Bug Listing |
| Summary: | VUL-0: CVE-2004-0794: heimdal: hijack ftpd sessions | ||
|---|---|---|---|
| Product: | [Novell Products] SUSE Security Incidents | Reporter: | Thomas Biege <thomas> |
| Component: | Incidents | Assignee: | Thomas Biege <thomas> |
| Status: | RESOLVED FIXED | QA Contact: | Security Team bot <security-team> |
| Severity: | Normal | ||
| Priority: | P3 - Medium | CC: | nadvornik, patch-request, security-team |
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | CVE-2004-0794: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P) | ||
| Found By: | --- | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
| Attachments: |
The ftpd fix from heimdal 0.6.3
patchinfo.heimdal patchinfo-box.heimdal |
||
|
Description
Thomas Biege
2004-09-14 14:59:52 UTC
<!-- SBZ_reproduce --> - CAN-2004-0794 Andreas, can I update heimdal in STABLE to 0.6.3 or should I backport the fix? Please backport the fix. Created attachment 23446 [details]
The ftpd fix from heimdal 0.6.3
Packages are submitted, can you please submit patchinfos? Thanks.. I'll do so.. Created attachment 23541 [details]
patchinfo.heimdal
Created attachment 23542 [details]
patchinfo-box.heimdal
Hello Vladimir, can you have a look at the patchinfo files please. I am not sure how to solve the following error: check_patchinfo patchinfo-box.heimdal WARNING: this must not be a version update: - heimdal-devel needs heimdal-0.6.1rc3 in dist 9.1-i386, 9.1-x86_64 (which is the released version) I tried various combination w/o success. The files looks correct. The warning is IMHO irrelevant, it is not a version update. ok, patchinfo files and laufzettel submitted. packages approved. CVE-2004-0794: CVSS v2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P) |