Bug 97195

Summary: VUL-0: CVE-2005-2040: heimdal buffer overflow in getterminaltype
Product: [Novell Products] SUSE Security Incidents Reporter: Ludwig Nussel <lnussel>
Component: IncidentsAssignee: Vladimir Nadvornik <nadvornik>
Status: RESOLVED DUPLICATE QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P5 - None CC: security-team
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: All   
Whiteboard: CVE-2005-2040: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
Found By: Other Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Ludwig Nussel 2005-07-19 08:42:30 UTC 
We received the following report via bugtraq.
The issue is public.

The description for CAN-2005-2040 says it's a different vulnerability than -0468 and -0469. So did we fix CAN-2005-2040?

Date: Mon, 18 Jul 2005 08:31:56 +0200 (CEST)
From: Martin Schulze <joey@infodrom.org>
To: bugtraq@securityfocus.com
Subject: [SECURITY] [DSA 758-1] New heimdal packages fix arbitrary code execution

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 758-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
July 18th, 2005                         http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : heimdal
Vulnerability  : buffer overflow
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2005-2040

A buffer overflow has been discovered in the telnet server from
Heimdal, a free implementation of Kerberos 5, that could lead to the
execution of arbitrary code.

[...]
Comment 1 Marcus Meissner 2005-07-19 08:47:19 UTC 
is a dup ( i forgot the can in 91593 ... ) 

*** This bug has been marked as a duplicate of 91593 ***
Comment 2 Thomas Biege 2009-10-13 21:34:23 UTC 
CVE-2005-2040: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)