|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200504-04] mit-krb5: Multiple buffer overflows in telnet client Vulnerability Scan
Vulnerability Scan Summary mit-krb5: Multiple buffer overflows in telnet client
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200504-04
(mit-krb5: Multiple buffer overflows in telnet client)
A buffer overflow has been identified in the env_opt_add()
function, where a response requiring excessive escaping can cause a
heap-based buffer overflow. Another issue has been identified in the
slc_add_reply() function, where a large number of SLC commands can
overflow a fixed size buffer.
Impact
Successful exploitation would require a vulnerable user to connect
to a possible hacker-controlled telnet host, potentially executing arbitrary
code with the permissions of the telnet user on the client.
Workaround
There is no known workaround at this time.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0468
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0469
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2005-001-telnet.txt
Solution:
All mit-krb5 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-crypt/mit-krb5-1.3.6-r2"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|