Bug 75256 (CVE-2005-0469) - VUL-0: CVE-2005-0469: heimdal's telnet client seem to be vulnerable to the recent bugs too
Summary: VUL-0: CVE-2005-0469: heimdal's telnet client seem to be vulnerable to the re...
Status: RESOLVED FIXED
Alias: CVE-2005-0469
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other All
: P5 - None : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL:
Whiteboard: CVE-2005-0469: CVSS v2 Base Score: 7....
Keywords:
Depends on:
Blocks:
 
Reported: 2005-03-30 14:46 UTC by Thomas Biege
Modified: 2021-11-04 16:06 UTC (History)
2 users (show)

See Also:
Found By: Other
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Biege 2005-03-30 14:46:11 UTC 
Hello Vladimir, 
it looks like the telnet client shipped as part of the heimdal package 
contains the same code as our ordinary telnet client. This code is buggy. Have 
a look at bug #66128 .
Comment 1 Vladimir Nadvornik 2005-03-31 14:38:14 UTC 
I used the patch
telnet-bsd-1.0-temp-increase+slc-env-overflow.diff

packages for sles8, sles9 and 8.2-9.2 are submitted.
Comment 2 Thomas Biege 2005-03-31 18:15:58 UTC 
 SM-Tracker-748
Comment 3 Thomas Biege 2005-04-01 07:54:32 UTC 
Vladimir, 
can you make an update for 9.3 too please? 
 
I'll submit the patchinfo files when you are done.
Comment 4 Vladimir Nadvornik 2005-04-01 08:00:45 UTC 
heimdal is not in 9.3
Comment 5 Thomas Biege 2005-04-01 08:01:58 UTC 
submitted patchinfo files for SLES/SLD: 
/work/src/done/PATCHINFO/patchinfo.heimdal 
/work/src/done/PATCHINFO/patchinfo-sld.heimdal 
 
Will wait with box until 9.3 package was submitted...
Comment 6 Thomas Biege 2005-04-01 08:02:49 UTC 
"edit_patchinfo -p" and "is_maintained -b" show 9.3... they must be wrong 
then... ok.
Comment 7 Thomas Biege 2005-04-01 08:06:46 UTC 
submitted patchinfo file: 
/work/src/done/PATCHINFO/patchinfo-box.heimdal 
 
What is the 9.3 replacement for heimdal?
Comment 8 Marcus Meissner 2005-04-01 08:08:00 UTC 
krb5 ... and it contains the fixes already I think (last minute addition).
Comment 9 Michael Calmer 2005-04-01 08:17:21 UTC 
Yes, krb5 on 9.3 has this patch. 
 
#> rpm -qp 
--changelog /work/CDs/all/full-9.3-i386/suse/i586/krb5-apps-clients.rpm | head 
* Fr Mär 18 2005 - mc@suse.de 
 
- fixed not running converter script [#72854] 
 
* Do Mär 17 2005 - mc@suse.de 
 
- Fix CAN-2005-0469: Multiple Telnet Client slc_add_reply() Buffer 
  Overflow 
- Fix CAN-2005-0468: Multiple Telnet Client env_opt_add() Buffer 
  Overflow
Comment 10 Thomas Biege 2005-04-01 08:25:10 UTC 
Michael, 
is this a patch from bug# 66128 or a patch from the kerberos folks? 
I quickly compared the patches and the krb5 patch looks different from the 
patches we have in our bugzilla.
Comment 11 Thomas Biege 2005-04-01 08:29:01 UTC 
Ludwig already told me that it was the patch from the kerberos advisory.
Comment 12 Michael Calmer 2005-04-01 08:34:22 UTC 
Correct, the patch was provided by the MIT people.
Comment 13 Michael Schröder 2005-04-04 16:23:45 UTC 
The SLEC heimdal version is unpatched. Please submit a fixed package.
Comment 14 Vladimir Nadvornik 2005-04-05 10:55:48 UTC 
sorry,
package is submitted
Comment 15 Marcus Meissner 2005-04-20 15:47:39 UTC 
updates approved and released for this round
Comment 16 Thomas Biege 2005-04-20 16:00:21 UTC 
the onformation leak bug is still open.
CRD 14 juni, 1pm EST
Comment 17 Thomas Biege 2009-10-13 21:14:59 UTC 
CVE-2005-0469: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)