CVE-2005-0469: Improper Restriction of Operations within the Bounds of a Memory Buffer in Project Heimdal

10 documents, 9 sources

Severity: 7.5 HIGH (NVD)
EPSS: 47.8% (top 2.28%)
CISA KEV: Not in KEV
Exploit: No known exploits

Timeline
Published: May 2
Latest update: May 3

Description

Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands.

CVSS vector

AV:N/AC:L/C:P/I:P/A:P
Exploitability: 10.0 | Impact: 6.4

Affected Packages (2 packages)

Debian: mit/krb5 < 1.3.6-2+3
Debian: heimdal_project/heimdal < 0.6.3-10+3

Patches

🔴 Vulnerability Details (3)

GHSA (2022-05-03)
GHSA-5hfw-w8jp-h4hj: Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execu
OSV (2005-05-02)
CVE-2005-0469: Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execu
CVEList (2005-03-28)
CVE-2005-0469: Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execu

📋 Vendor Advisories (4)

Ubuntu (2005-12-06)
Kerberos vulnerabilities
Ubuntu (2005-03-29)
telnet vulnerabilities
Red Hat (2005-03-28)
security flaw
Debian (2005)
CVE-2005-0469: heimdal - Buffer overflow in the slc_add_reply function in various BSD-based Telnet client...

💬 Community (1)

Bugzilla (2018-08-16)
CVE-2005-0469 security flaw