CVE-2005-2040 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Telnetd

5 documents5 sources

Severity

5.0MEDIUMNVD

CNA7.5OSV7.5

EPSS

2.0%

top 16.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Heimdal Project Heimdal Telnetd

Timeline

PublishedJun 20

Latest updateMay 1

Description

Multiple buffer overflows in the getterminaltype function in telnetd for Heimdal before 0.6.5 may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2005-0468 and CVE-2005-0469.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶Debianheimdal_project/heimdal< 0.6.3-11+3

▶NVDtelnetd/telnetd13 versions+12

Patches

Patch: secunia.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-r4rj-wjf2-m94v: Multiple buffer overflows in the getterminaltype function in telnetd for Heimdal before 0↗2022-05-01

▶

CVEList

CVE-2005-2040: Multiple buffer overflows in the getterminaltype function in telnetd for Heimdal before 0↗2005-06-21

▶

OSV

CVE-2005-2040: Multiple buffer overflows in the getterminaltype function in telnetd for Heimdal before 0↗2005-06-20

▶

📋Vendor Advisories

Debian

CVE-2005-2040: heimdal - Multiple buffer overflows in the getterminaltype function in telnetd for Heimdal...↗2005

▶