10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.972 High
EPSS
Percentile
99.8%
Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | heimdal | < 1.5.dfsg.1-1 | heimdal_1.5.dfsg.1-1_all.deb |
Debian | 11 | all | heimdal | < 1.5.dfsg.1-1 | heimdal_1.5.dfsg.1-1_all.deb |
Debian | 10 | all | heimdal | < 1.5.dfsg.1-1 | heimdal_1.5.dfsg.1-1_all.deb |
Debian | 999 | all | heimdal | < 1.5.dfsg.1-1 | heimdal_1.5.dfsg.1-1_all.deb |
Debian | 13 | all | heimdal | < 1.5.dfsg.1-1 | heimdal_1.5.dfsg.1-1_all.deb |
Debian | 12 | all | inetutils | < 2:1.8-6 | inetutils_2:1.8-6_all.deb |
Debian | 11 | all | inetutils | < 2:1.8-6 | inetutils_2:1.8-6_all.deb |
Debian | 10 | all | inetutils | < 2:1.8-6 | inetutils_2:1.8-6_all.deb |
Debian | 999 | all | inetutils | < 2:1.8-6 | inetutils_2:1.8-6_all.deb |
Debian | 13 | all | inetutils | < 2:1.8-6 | inetutils_2:1.8-6_all.deb |