Bugzilla – Bug 97195
VUL-0: CVE-2005-2040: heimdal buffer overflow in getterminaltype
Last modified: 2021-11-08 14:10:52 UTC
We received the following report via bugtraq. The issue is public. The description for CAN-2005-2040 says it's a different vulnerability than -0468 and -0469. So did we fix CAN-2005-2040?

Date: Mon, 18 Jul 2005 08:31:56 +0200 (CEST)
From: Martin Schulze <joey@infodrom.org>
To: bugtraq@securityfocus.com
Subject: [SECURITY] [DSA 758-1] New heimdal packages fix arbitrary code execution

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 758-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
July 18th, 2005                         http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : heimdal
Vulnerability  : buffer overflow
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2005-2040

A buffer overflow has been discovered in the telnet server from Heimdal, a free implementation of Kerberos 5, that could lead to the execution of arbitrary code.

[...]
Is a dup (I forgot the CAN in 91593 ...)

*** This bug has been marked as a duplicate of 91593 ***
CVE-2005-2040: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)