ID B62C80C2-B81A-11DA-BEC5-00123FFE8333 Type freebsd Reporter FreeBSD Modified 2006-02-06T00:00:00
Description
A Project heimdal Security Advisory reports:
The telnet client program in Heimdal has buffer overflows
in the functions slc_add_reply() and env_opt_add(), which
may lead to remote code execution.
The telnetd server program in Heimdal has buffer overflows
in the function getterminaltype, which may lead to remote code
execution.
The rshd server in Heimdal has a privilege escalation bug
when storing forwarded credentials. The code allowes a user
to overwrite a file with its credential cache, and get ownership
of the file.
{"id": "B62C80C2-B81A-11DA-BEC5-00123FFE8333", "bulletinFamily": "unix", "title": "heimdal -- Multiple vulnerabilities", "description": "\nA Project heimdal Security Advisory reports:\n\nThe telnet client program in Heimdal has buffer overflows\n\t in the functions slc_add_reply() and env_opt_add(), which\n\t may lead to remote code execution.\n\n\nThe telnetd server program in Heimdal has buffer overflows\n\t in the function getterminaltype, which may lead to remote code\n\t execution.\n\n\nThe rshd server in Heimdal has a privilege escalation bug\n\t when storing forwarded credentials. The code allowes a user\n\t to overwrite a file with its credential cache, and get ownership\n\t of the file.\n\n", "published": "2006-02-06T00:00:00", "modified": "2006-02-06T00:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "href": "https://vuxml.freebsd.org/freebsd/b62c80c2-b81a-11da-bec5-00123ffe8333.html", "reporter": "FreeBSD", "references": ["http://www.pdc.kth.se/heimdal/advisory/2006-02-06", "http://www.pdc.kth.se/heimdal/advisory/2005-06-20", "http://www.pdc.kth.se/heimdal/advisory/2005-04-20"], "cvelist": ["CVE-2005-0469", "CVE-2006-0677", "CVE-2005-2040", "CVE-2006-0582"], "type": "freebsd", "lastseen": "2019-05-29T18:34:47", "history": [{"bulletin": {"affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "heimdal", "packageVersion": "0.6.6"}], "bulletinFamily": "unix", "cvelist": ["CVE-2005-0469", "CVE-2006-0677", "CVE-2005-2040", "CVE-2006-0582"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "\nA Project heimdal Security Advisory reports:\n\nThe telnet client program in Heimdal has buffer overflows\n\t in the functions slc_add_reply() and env_opt_add(), which\n\t may lead to remote code execution.\n\n\nThe telnetd server program in Heimdal has buffer overflows\n\t in the function getterminaltype, which may lead to remote code\n\t execution.\n\n\nThe rshd server in Heimdal has a privilege escalation bug\n\t when storing forwarded credentials. The code allowes a user\n\t to overwrite a file with its credential cache, and get ownership\n\t of the file.\n\n", "edition": 3, "enchantments": {"dependencies": {"modified": "2018-08-31T01:15:50", "references": [{"idList": ["SSA-2005-210-01"], "type": "slackware"}, {"idList": ["OSVDB:17449", "OSVDB:15094", "OSVDB:22986", "OSVDB:23244"], "type": "osvdb"}, {"idList": ["OPENVAS:53528", "OPENVAS:65161", "OPENVAS:56450", "OPENVAS:54444", "OPENVAS:54369", "OPENVAS:56542", "OPENVAS:54976", "OPENVAS:136141256231065161", "OPENVAS:56283", "OPENVAS:54901"], "type": "openvas"}, {"idList": ["FREEBSD_PKG_B62C80C2B81A11DABEC500123FFE8333.NASL", "DEBIAN_DSA-977.NASL", "UBUNTU_USN-247-1.NASL", "DEBIAN_DSA-765.NASL", "UBUNTU_USN-253-1.NASL", "GENTOO_GLSA-200506-24.NASL", "GENTOO_GLSA-200603-14.NASL", "DEBIAN_DSA-758.NASL", "DEBIAN_DSA-699.NASL", "DEBIAN_DSA-697.NASL"], "type": "nessus"}, {"idList": ["USN-101-1", "USN-247-1", "USN-224-1", "USN-253-1"], "type": "ubuntu"}, {"idList": ["VU:341908", "VU:291924"], "type": "cert"}, {"idList": ["GLSA-200504-04", "GLSA-200503-36", "GLSA-200603-14", "GLSA-200504-01", "GLSA-200506-24", "GLSA-200504-28"], "type": "gentoo"}, {"idList": ["SUSE-SA:2006:011", "SUSE-SA:2006:010", "SUSE-SA:2005:040"], "type": "suse"}, {"idList": ["RHSA-2005:330", "RHSA-2005:327"], "type": "redhat"}, {"idList": ["SECURITYVULNS:DOC:8175"], "type": "securityvulns"}, {"idList": ["CVE-2005-0469", "CVE-2006-0677", "CVE-2005-2040", "CVE-2006-0582"], "type": "cve"}, {"idList": ["DEBIAN:DSA-703-1:60FCA", "DEBIAN:DSA-731-1:76928", "DEBIAN:DSA-697-1:4A49E", "DEBIAN:DSA-758-1:1C328", "DEBIAN:DSA-765-1:8D31C", "DEBIAN:DSA-699-1:A47C9", "DEBIAN:DSA-977-1:58496"], "type": "debian"}, {"idList": ["SOL4441", "F5:K4441"], "type": "f5"}]}, "score": {"value": 9.3, "vector": "NONE"}}, "hash": "035967e31f706d8fdef3ba81acef6ba56fe5c9f6e95afcd18eaffc333ee45d19", "hashmap": [{"hash": "a91befc413f784cd2693e4ca12d70029", "key": "published"}, {"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "a91befc413f784cd2693e4ca12d70029", "key": "modified"}, {"hash": "a3dc630729e463135f4e608954fa6e19", "key": "reporter"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "604344130cfcab16fc525cba800b4db6", "key": "href"}, {"hash": "c47280972e61b6b985cb3c3aa5bf8c65", "key": "title"}, {"hash": "1527e888767cdce15d200b870b39cfd0", "key": "type"}, {"hash": "47761e8d20ffb5a4d45ed63b049279e4", "key": "references"}, {"hash": "dfd27c873d4cb52fcd126c2f73226fa7", "key": "affectedPackage"}, {"hash": "d481232e6439ee1c8ae19c72f905a32c", "key": "description"}, {"hash": "4d3675005ca2bb30af1cc05c91bb9395", "key": "cvelist"}], "history": [], "href": "https://vuxml.freebsd.org/freebsd/b62c80c2-b81a-11da-bec5-00123ffe8333.html", "id": "B62C80C2-B81A-11DA-BEC5-00123FFE8333", "lastseen": "2018-08-31T01:15:50", "modified": "2006-02-06T00:00:00", "objectVersion": "1.3", "published": "2006-02-06T00:00:00", "references": ["http://www.pdc.kth.se/heimdal/advisory/2006-02-06", "http://www.pdc.kth.se/heimdal/advisory/2005-06-20", "http://www.pdc.kth.se/heimdal/advisory/2005-04-20"], "reporter": "FreeBSD", "title": "heimdal -- Multiple vulnerabilities", "type": "freebsd", "viewCount": 2}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-31T01:15:50"}, {"bulletin": {"affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "heimdal", "packageVersion": "0.6.6"}], "bulletinFamily": "unix", "cvelist": ["CVE-2005-0469", "CVE-2006-0677", "CVE-2005-2040", "CVE-2006-0582"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "\nA Project heimdal Security Advisory reports:\n\nThe telnet client program in Heimdal has buffer overflows\n\t in the functions slc_add_reply() and env_opt_add(), which\n\t may lead to remote code execution.\n\n\nThe telnetd server program in Heimdal has buffer overflows\n\t in the function getterminaltype, which may lead to remote code\n\t execution.\n\n\nThe rshd server in Heimdal has a privilege escalation bug\n\t when storing forwarded credentials. The code allowes a user\n\t to overwrite a file with its credential cache, and get ownership\n\t of the file.\n\n", "edition": 2, "enchantments": {"score": {"value": 9.3, "vector": "NONE"}}, "hash": "1458ec7ef826a961951a9a9e3b07e8048b58c75cffc21b74577789b88733784a", "hashmap": [{"hash": "a91befc413f784cd2693e4ca12d70029", "key": "published"}, {"hash": "a91befc413f784cd2693e4ca12d70029", "key": "modified"}, {"hash": "a3dc630729e463135f4e608954fa6e19", "key": "reporter"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "604344130cfcab16fc525cba800b4db6", "key": "href"}, {"hash": "c47280972e61b6b985cb3c3aa5bf8c65", "key": "title"}, {"hash": "1527e888767cdce15d200b870b39cfd0", "key": "type"}, {"hash": "47761e8d20ffb5a4d45ed63b049279e4", "key": "references"}, {"hash": "dfd27c873d4cb52fcd126c2f73226fa7", "key": "affectedPackage"}, {"hash": "d481232e6439ee1c8ae19c72f905a32c", "key": "description"}, {"hash": "4d3675005ca2bb30af1cc05c91bb9395", "key": "cvelist"}], "history": [], "href": "https://vuxml.freebsd.org/freebsd/b62c80c2-b81a-11da-bec5-00123ffe8333.html", "id": "B62C80C2-B81A-11DA-BEC5-00123FFE8333", "lastseen": "2018-08-30T19:16:07", "modified": "2006-02-06T00:00:00", "objectVersion": "1.3", "published": "2006-02-06T00:00:00", "references": ["http://www.pdc.kth.se/heimdal/advisory/2006-02-06", "http://www.pdc.kth.se/heimdal/advisory/2005-06-20", "http://www.pdc.kth.se/heimdal/advisory/2005-04-20"], "reporter": "FreeBSD", "title": "heimdal -- Multiple vulnerabilities", "type": "freebsd", "viewCount": 2}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2018-08-30T19:16:07"}, {"bulletin": {"affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "heimdal", "packageVersion": "0.6.6"}], "bulletinFamily": "unix", "cvelist": ["CVE-2005-0469", "CVE-2006-0677", "CVE-2005-2040", "CVE-2006-0582"], "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "\nA Project heimdal Security Advisory reports:\n\nThe telnet client program in Heimdal has buffer overflows\n\t in the functions slc_add_reply() and env_opt_add(), which\n\t may lead to remote code execution.\n\n\nThe telnetd server program in Heimdal has buffer overflows\n\t in the function getterminaltype, which may lead to remote code\n\t execution.\n\n\nThe rshd server in Heimdal has a privilege escalation bug\n\t when storing forwarded credentials. The code allowes a user\n\t to overwrite a file with its credential cache, and get ownership\n\t of the file.\n\n", "edition": 1, "enchantments": {"score": {"value": 9.3, "vector": "NONE"}}, "hash": "035967e31f706d8fdef3ba81acef6ba56fe5c9f6e95afcd18eaffc333ee45d19", "hashmap": [{"hash": "a91befc413f784cd2693e4ca12d70029", "key": "published"}, {"hash": "ed3111898fb94205e2b64cefef5a2081", "key": "cvss"}, {"hash": "a91befc413f784cd2693e4ca12d70029", "key": "modified"}, {"hash": "a3dc630729e463135f4e608954fa6e19", "key": "reporter"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "604344130cfcab16fc525cba800b4db6", "key": "href"}, {"hash": "c47280972e61b6b985cb3c3aa5bf8c65", "key": "title"}, {"hash": "1527e888767cdce15d200b870b39cfd0", "key": "type"}, {"hash": "47761e8d20ffb5a4d45ed63b049279e4", "key": "references"}, {"hash": "dfd27c873d4cb52fcd126c2f73226fa7", "key": "affectedPackage"}, {"hash": "d481232e6439ee1c8ae19c72f905a32c", "key": "description"}, {"hash": "4d3675005ca2bb30af1cc05c91bb9395", "key": "cvelist"}], "history": [], "href": "https://vuxml.freebsd.org/freebsd/b62c80c2-b81a-11da-bec5-00123ffe8333.html", "id": "B62C80C2-B81A-11DA-BEC5-00123FFE8333", "lastseen": "2016-09-26T17:25:08", "modified": "2006-02-06T00:00:00", "objectVersion": "1.2", "published": "2006-02-06T00:00:00", "references": ["http://www.pdc.kth.se/heimdal/advisory/2006-02-06", "http://www.pdc.kth.se/heimdal/advisory/2005-06-20", "http://www.pdc.kth.se/heimdal/advisory/2005-04-20"], "reporter": "FreeBSD", "title": "heimdal -- Multiple vulnerabilities", "type": "freebsd", "viewCount": 2}, "differentElements": ["cvss"], "edition": 1, "lastseen": "2016-09-26T17:25:08"}], "edition": 4, "hashmap": [{"key": "affectedPackage", "hash": "dfd27c873d4cb52fcd126c2f73226fa7"}, {"key": "bulletinFamily", "hash": "4913a9178621eadcdf191db17915fbcb"}, {"key": "cvelist", "hash": "4d3675005ca2bb30af1cc05c91bb9395"}, {"key": "cvss", "hash": "5a4bd22c495ccbe3aa9b54cab81d2473"}, {"key": "description", "hash": "d481232e6439ee1c8ae19c72f905a32c"}, {"key": "href", "hash": "604344130cfcab16fc525cba800b4db6"}, {"key": "modified", "hash": "a91befc413f784cd2693e4ca12d70029"}, {"key": "published", "hash": "a91befc413f784cd2693e4ca12d70029"}, {"key": "references", "hash": "47761e8d20ffb5a4d45ed63b049279e4"}, {"key": "reporter", "hash": "a3dc630729e463135f4e608954fa6e19"}, {"key": "title", "hash": "c47280972e61b6b985cb3c3aa5bf8c65"}, {"key": "type", "hash": "1527e888767cdce15d200b870b39cfd0"}], "hash": "3e5fa376004e00900f73b820f4e749e2e8cd720d3720ca5985614cf77a0c2593", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2005-2040", "CVE-2006-0677", "CVE-2006-0582", "CVE-2005-0469"]}, {"type": "openvas", "idList": ["OPENVAS:56450", "OPENVAS:65161", "OPENVAS:136141256231065161", "OPENVAS:56283", "OPENVAS:54976", "OPENVAS:54369", "OPENVAS:56542", "OPENVAS:53528", "OPENVAS:54444", "OPENVAS:54901"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_B62C80C2B81A11DABEC500123FFE8333.NASL", "DEBIAN_DSA-977.NASL", "SUSE_SA_2006_011.NASL", "UBUNTU_USN-253-1.NASL", "DEBIAN_DSA-758.NASL", "GENTOO_GLSA-200506-24.NASL", "SUSE_SA_2005_040.NASL", "GENTOO_GLSA-200603-14.NASL", "UBUNTU_USN-247-1.NASL", "DEBIAN_DSA-699.NASL"]}, {"type": "debian", "idList": ["DEBIAN:DSA-977-1:58496", "DEBIAN:DSA-758-1:1C328", "DEBIAN:DSA-699-1:A47C9", "DEBIAN:DSA-765-1:8D31C", "DEBIAN:DSA-697-1:4A49E", "DEBIAN:DSA-703-1:60FCA", "DEBIAN:DSA-731-1:76928"]}, {"type": "ubuntu", "idList": ["USN-253-1", "USN-247-1", "USN-101-1", "USN-224-1"]}, {"type": "suse", "idList": ["SUSE-SA:2006:011", "SUSE-SA:2006:010", "SUSE-SA:2005:040"]}, {"type": "osvdb", "idList": ["OSVDB:17449", "OSVDB:23244", "OSVDB:22986", "OSVDB:15094"]}, {"type": "gentoo", "idList": ["GLSA-200506-24", "GLSA-200603-14", "GLSA-200503-36", "GLSA-200504-28", "GLSA-200504-04", "GLSA-200504-01"]}, {"type": "cert", "idList": ["VU:291924", "VU:341908"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:8175"]}, {"type": "slackware", "idList": ["SSA-2005-210-01"]}, {"type": "f5", "idList": ["SOL4441", "F5:K4441"]}, {"type": "redhat", "idList": ["RHSA-2005:330", "RHSA-2005:327"]}], "modified": "2019-05-29T18:34:47"}, "score": {"value": 7.1, "vector": "NONE", "modified": "2019-05-29T18:34:47"}, "vulnersScore": 7.1}, "objectVersion": "1.3", "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "heimdal", "packageVersion": "0.6.6"}], "scheme": null}
{"cve": [{"lastseen": "2019-05-29T18:08:14", "bulletinFamily": "NVD", "description": "Multiple buffer overflows in the getterminaltype function in telnetd for Heimdal before 0.6.5 may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2005-0468 and CVE-2005-0469.", "modified": "2008-09-05T20:50:00", "id": "CVE-2005-2040", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2040", "published": "2005-06-20T04:00:00", "title": "CVE-2005-2040", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:08:31", "bulletinFamily": "NVD", "description": "Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing forwarded credentials, allows attackers to overwrite arbitrary files and change file ownership via unknown vectors.", "modified": "2018-10-19T15:45:00", "id": "CVE-2006-0582", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-0582", "published": "2006-02-08T01:02:00", "title": "CVE-2006-0582", "type": "cve", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:08:31", "bulletinFamily": "NVD", "description": "telnetd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2 allows remote unauthenticated attackers to cause a denial of service (server crash) via unknown vectors that trigger a null dereference.", "modified": "2018-10-19T15:45:00", "id": "CVE-2006-0677", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-0677", "published": "2006-02-14T11:06:00", "title": "CVE-2006-0677", "type": "cve", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:08:13", "bulletinFamily": "NVD", "description": "Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands.", "modified": "2017-10-11T01:29:00", "id": "CVE-2005-0469", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0469", "published": "2005-05-02T04:00:00", "title": "CVE-2005-0469", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2017-07-02T21:10:24", "bulletinFamily": "scanner", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-20T00:00:00", "published": "2008-09-04T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=56450", "id": "OPENVAS:56450", "title": "FreeBSD Ports: heimdal", "type": "openvas", "sourceData": "#\n#VID b62c80c2-b81a-11da-bec5-00123ffe8333\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: heimdal\n\nCVE-2005-0469\nBuffer overflow in the slc_add_reply function in various BSD-based\nTelnet clients, when handling LINEMODE suboptions, allows remote\nattackers to execute arbitrary code via a reply with a large number of\nSet Local Character (SLC) commands.\n\nCVE-2005-2040\nMultiple buffer overflows in the getterminaltype function in telnetd\nfor Heimdal before 0.6.5 may allow remote attackers to execute\narbitrary code, a different vulnerability than CVE-2005-0468 and\nCVE-2005-0469.\n\nCVE-2006-0582\nUnspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and\n0.7.x before 0.7.2, when storing forwarded credentials, allows\nattackers to overwrite arbitrary files and change file ownership via\nunknown vectors.\n\nCVE-2006-0677\ntelnetd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2 allows\nremote unauthenticated attackers to cause a denial of service (server\ncrash) via unknown vectors that trigger a null dereference.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.pdc.kth.se/heimdal/advisory/2005-04-20\nhttp://www.pdc.kth.se/heimdal/advisory/2005-06-20\nhttp://www.pdc.kth.se/heimdal/advisory/2006-02-06\nhttp://www.vuxml.org/freebsd/b62c80c2-b81a-11da-bec5-00123ffe8333.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(56450);\n script_version(\"$Revision: 4118 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-20 07:32:38 +0200 (Tue, 20 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2005-0469\", \"CVE-2005-2040\", \"CVE-2006-0582\", \"CVE-2006-0677\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"FreeBSD Ports: heimdal\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"heimdal\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.6.6\")<0) {\n txt += 'Package heimdal version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:16", "bulletinFamily": "scanner", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n heimdal-devel\n heimdal\n heimdal-lib\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5018824 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065161", "id": "OPENVAS:136141256231065161", "type": "openvas", "title": "SLES9: Security update for heimdal", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5018824.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for heimdal\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n heimdal-devel\n heimdal\n heimdal-lib\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5018824 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65161\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2006-0582\", \"CVE-2006-0677\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"SLES9: Security update for heimdal\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"heimdal-devel\", rpm:\"heimdal-devel~0.6.1rc3~55.21\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:33", "bulletinFamily": "scanner", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n heimdal-devel\n heimdal\n heimdal-lib\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5018824 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=65161", "id": "OPENVAS:65161", "title": "SLES9: Security update for heimdal", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5018824.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for heimdal\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n heimdal-devel\n heimdal\n heimdal-lib\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5018824 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65161);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2006-0582\", \"CVE-2006-0677\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"SLES9: Security update for heimdal\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"heimdal-devel\", rpm:\"heimdal-devel~0.6.1rc3~55.21\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:13", "bulletinFamily": "scanner", "description": "The remote host is missing an update to heimdal\nannounced via advisory DSA 977-1.\n\nTwo vulnerabilities have been discovered in heimdal, a free\nimplementation of Kerberos 5. The Common Vulnerabilities and\nExposures project identifies the following vulnerabilities:\n\nCVE-2006-0582\nPrivilege escalation in the rsh server allows an authenticated\nattacker to overwrite arbitrary files and gain ownership of them.\n\nCVE-2006-0677\nA remote attacker could force the telnet server to crash before\nthe user logged in, resulting in inetd turning telnetd off because\nit forked too fast.\n\nThe old stable distribution (woody) does not expose rsh and telnet servers.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=56283", "id": "OPENVAS:56283", "title": "Debian Security Advisory DSA 977-1 (heimdal)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_977_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 977-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge) these problems have been fixed in\nversion 0.6.3-10sarge2.\n\nFor the unstable distribution (sid) these problems will be fixed soon.\n\nWe recommend that you upgrade your heimdal packages.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20977-1\";\ntag_summary = \"The remote host is missing an update to heimdal\nannounced via advisory DSA 977-1.\n\nTwo vulnerabilities have been discovered in heimdal, a free\nimplementation of Kerberos 5. The Common Vulnerabilities and\nExposures project identifies the following vulnerabilities:\n\nCVE-2006-0582\nPrivilege escalation in the rsh server allows an authenticated\nattacker to overwrite arbitrary files and gain ownership of them.\n\nCVE-2006-0677\nA remote attacker could force the telnet server to crash before\nthe user logged in, resulting in inetd turning telnetd off because\nit forked too fast.\n\nThe old stable distribution (woody) does not expose rsh and telnet servers.\";\n\n\nif(description)\n{\n script_id(56283);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:07:13 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2006-0582\", \"CVE-2006-0677\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Debian Security Advisory DSA 977-1 (heimdal)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"heimdal-docs\", ver:\"0.6.3-10sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-clients\", ver:\"0.6.3-10sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-clients-x\", ver:\"0.6.3-10sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-dev\", ver:\"0.6.3-10sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-kdc\", ver:\"0.6.3-10sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-servers\", ver:\"0.6.3-10sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-servers-x\", ver:\"0.6.3-10sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libasn1-6-heimdal\", ver:\"0.6.3-10sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgssapi1-heimdal\", ver:\"0.6.3-10sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libhdb7-heimdal\", ver:\"0.6.3-10sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkadm5clnt4-heimdal\", ver:\"0.6.3-10sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkadm5srv7-heimdal\", ver:\"0.6.3-10sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkafs0-heimdal\", ver:\"0.6.3-10sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrb5-17-heimdal\", ver:\"0.6.3-10sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:09", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 200506-24.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=54976", "id": "OPENVAS:54976", "title": "Gentoo Security Advisory GLSA 200506-24 (heimdal)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple buffer overflow vulnerabilities in Heimdal's telnetd server could\nallow the execution of arbitrary code.\";\ntag_solution = \"All users should upgrade to the latest available version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-crypt/heimdal-0.6.5'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200506-24\nhttp://bugs.gentoo.org/show_bug.cgi?id=96727\nhttp://www.pdc.kth.se/heimdal/advisory/2005-06-20/\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200506-24.\";\n\n \n\nif(description)\n{\n script_id(54976);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2005-2040\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_name(\"Gentoo Security Advisory GLSA 200506-24 (heimdal)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"app-crypt/heimdal\", unaffected: make_list(\"ge 0.6.5\"), vulnerable: make_list(\"lt 0.6.5\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-24T12:49:46", "bulletinFamily": "scanner", "description": "The remote host is missing an update to heimdal\nannounced via advisory DSA 758-1.\n\nA buffer overflow has been discovered in the telnet server from\nHeimdal, a free implementation of Kerberos 5, that could lead to the\nexecution of arbitrary code.\n\nFor the old stable distribution (woody) this problem has been fixed in\nversion 0.4e-7.woody.10.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=54369", "id": "OPENVAS:54369", "title": "Debian Security Advisory DSA 758-1 (heimdal)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_758_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 758-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge) this problem has been fixed in\nversion 0.6.3-10sarge1.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 0.6.3-11.\n\nWe recommend that you upgrade your heimdal packages.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20758-1\";\ntag_summary = \"The remote host is missing an update to heimdal\nannounced via advisory DSA 758-1.\n\nA buffer overflow has been discovered in the telnet server from\nHeimdal, a free implementation of Kerberos 5, that could lead to the\nexecution of arbitrary code.\n\nFor the old stable distribution (woody) this problem has been fixed in\nversion 0.4e-7.woody.10.\";\n\n\nif(description)\n{\n script_id(54369);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:00:53 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2005-2040\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_name(\"Debian Security Advisory DSA 758-1 (heimdal)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"heimdal-docs\", ver:\"0.4e-7.woody.10\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-lib\", ver:\"0.4e-7.woody.10\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-clients\", ver:\"0.4e-7.woody.10\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-clients-x\", ver:\"0.4e-7.woody.10\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-dev\", ver:\"0.4e-7.woody.10\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-kdc\", ver:\"0.4e-7.woody.10\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-servers\", ver:\"0.4e-7.woody.10\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-servers-x\", ver:\"0.4e-7.woody.10\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libasn1-5-heimdal\", ver:\"0.4e-7.woody.10\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcomerr1-heimdal\", ver:\"0.4e-7.woody.10\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgssapi1-heimdal\", ver:\"0.4e-7.woody.10\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libhdb7-heimdal\", ver:\"0.4e-7.woody.10\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkadm5clnt4-heimdal\", ver:\"0.4e-7.woody.10\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkadm5srv7-heimdal\", ver:\"0.4e-7.woody.10\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkafs0-heimdal\", ver:\"0.4e-7.woody.10\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrb5-17-heimdal\", ver:\"0.4e-7.woody.10\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libotp0-heimdal\", ver:\"0.4e-7.woody.10\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libroken9-heimdal\", ver:\"0.4e-7.woody.10\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsl0-heimdal\", ver:\"0.4e-7.woody.10\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libss0-heimdal\", ver:\"0.4e-7.woody.10\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-docs\", ver:\"0.6.3-10sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-clients\", ver:\"0.6.3-10sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-clients-x\", ver:\"0.6.3-10sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-dev\", ver:\"0.6.3-10sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-kdc\", ver:\"0.6.3-10sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-servers\", ver:\"0.6.3-10sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-servers-x\", ver:\"0.6.3-10sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libasn1-6-heimdal\", ver:\"0.6.3-10sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgssapi1-heimdal\", ver:\"0.6.3-10sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libhdb7-heimdal\", ver:\"0.6.3-10sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkadm5clnt4-heimdal\", ver:\"0.6.3-10sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkadm5srv7-heimdal\", ver:\"0.6.3-10sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkafs0-heimdal\", ver:\"0.6.3-10sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrb5-17-heimdal\", ver:\"0.6.3-10sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-24T12:50:16", "bulletinFamily": "scanner", "description": "The remote host is missing an update to netkit-telnet\nannounced via advisory DSA 697-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53528", "id": "OPENVAS:53528", "title": "Debian Security Advisory DSA 697-1 (netkit-telnet)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_697_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 697-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"iDEFENSE researchers discovered a buffer overflow in the handling of\nthe LINEMODE suboptions in telnet clients. This can lead to the\nexecution of arbitrary code when connected to a malicious server.\n\nFor the stable distribution (woody) this problem has been fixed in\nversion 0.17-18woody3.\n\nFor the unstable distribution (sid) this problem will be fixed soon.\n\nWe recommend that you upgrade your telnet package.\";\ntag_summary = \"The remote host is missing an update to netkit-telnet\nannounced via advisory DSA 697-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20697-1\";\n\nif(description)\n{\n script_id(53528);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:56:38 +0100 (Thu, 17 Jan 2008)\");\n script_bugtraq_id(12918);\n script_cve_id(\"CVE-2005-0469\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 697-1 (netkit-telnet)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"telnet\", ver:\"0.17-18woody3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"telnetd\", ver:\"0.17-18woody3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:25", "bulletinFamily": "scanner", "description": "The remote host is missing an update to heimdal\nannounced via advisory DSA 765-1.\n\nGa\u00ebl Delalleau discovered a buffer overflow in the handling of the\nLINEMODE suboptions in telnet clients. Heimdal, a free implementation\nof Kerberos 5, also contains such a client. This can lead to the\nexecution of arbitrary code when connected to a malicious server.\n\nFor the old stable distribution (woody) this problem has been fixed in\nversion 0.4e-7.woody.11.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=54444", "id": "OPENVAS:54444", "title": "Debian Security Advisory DSA 765-1 (heimdal)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_765_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 765-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge) this problem has been fixed in\nversion 0.6.3-10.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 0.6.3-10.\n\nWe recommend that you upgrade your heimdal package.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20765-1\";\ntag_summary = \"The remote host is missing an update to heimdal\nannounced via advisory DSA 765-1.\n\nGa\u00ebl Delalleau discovered a buffer overflow in the handling of the\nLINEMODE suboptions in telnet clients. Heimdal, a free implementation\nof Kerberos 5, also contains such a client. This can lead to the\nexecution of arbitrary code when connected to a malicious server.\n\nFor the old stable distribution (woody) this problem has been fixed in\nversion 0.4e-7.woody.11.\";\n\n\nif(description)\n{\n script_id(54444);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:00:53 +0100 (Thu, 17 Jan 2008)\");\n script_bugtraq_id(12918);\n script_cve_id(\"CVE-2005-0469\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 765-1 (heimdal)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"heimdal-docs\", ver:\"0.4e-7.woody.11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-lib\", ver:\"0.4e-7.woody.11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-clients\", ver:\"0.4e-7.woody.11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-clients-x\", ver:\"0.4e-7.woody.11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-dev\", ver:\"0.4e-7.woody.11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-kdc\", ver:\"0.4e-7.woody.11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-servers\", ver:\"0.4e-7.woody.11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"heimdal-servers-x\", ver:\"0.4e-7.woody.11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libasn1-5-heimdal\", ver:\"0.4e-7.woody.11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcomerr1-heimdal\", ver:\"0.4e-7.woody.11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgssapi1-heimdal\", ver:\"0.4e-7.woody.11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libhdb7-heimdal\", ver:\"0.4e-7.woody.11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkadm5clnt4-heimdal\", ver:\"0.4e-7.woody.11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkadm5srv7-heimdal\", ver:\"0.4e-7.woody.11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkafs0-heimdal\", ver:\"0.4e-7.woody.11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkrb5-17-heimdal\", ver:\"0.4e-7.woody.11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libotp0-heimdal\", ver:\"0.4e-7.woody.11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libroken9-heimdal\", ver:\"0.4e-7.woody.11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsl0-heimdal\", ver:\"0.4e-7.woody.11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libss0-heimdal\", ver:\"0.4e-7.woody.11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:49:52", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 200603-14.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=56542", "id": "OPENVAS:56542", "title": "Gentoo Security Advisory GLSA 200603-14 (heimdal)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"An error in the rshd daemon of Heimdal could allow authenticated users to\nelevate privileges.\";\ntag_solution = \"All Heimdal users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-crypt/heimdal-0.7.2'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200603-14\nhttp://bugs.gentoo.org/show_bug.cgi?id=121839\nhttp://www.pdc.kth.se/heimdal/advisory/2006-02-06/\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200603-14.\";\n\n \n\nif(description)\n{\n script_id(56542);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_bugtraq_id(16524);\n script_cve_id(\"CVE-2006-0582\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:P/A:N\");\n script_name(\"Gentoo Security Advisory GLSA 200603-14 (heimdal)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"app-crypt/heimdal\", unaffected: make_list(\"ge 0.7.2\"), vulnerable: make_list(\"lt 0.7.2\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-24T12:49:47", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 200503-36.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=54901", "id": "OPENVAS:54901", "title": "Gentoo Security Advisory GLSA 200503-36 (netkit-telnetd)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The netkit-telnetd telnet client is vulnerable to a buffer overflow, which\ncould allow a malicious telnet server operator to execute arbitrary code.\";\ntag_solution = \"All netkit-telnetd users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/netkit-telnetd-0.17-r6'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200503-36\nhttp://bugs.gentoo.org/show_bug.cgi?id=87211\nhttp://www.idefense.com/application/poi/display?id=220&type=vulnerabilities\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200503-36.\";\n\n \n\nif(description)\n{\n script_id(54901);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_bugtraq_id(12918);\n script_cve_id(\"CVE-2005-0469\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200503-36 (netkit-telnetd)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-misc/netkit-telnetd\", unaffected: make_list(\"ge 0.17-r6\"), vulnerable: make_list(\"lt 0.17-r6\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2020-02-01T07:52:27", "bulletinFamily": "scanner", "description": "A Project heimdal Security Advisory reports :\n\nThe telnet client program in Heimdal has buffer overflows in the\nfunctions slc_add_reply() and env_opt_add(), which may lead to remote\ncode execution.\n\nThe telnetd server program in Heimdal has buffer overflows in the\nfunction getterminaltype, which may lead to remote code execution.\n\nThe rshd server in Heimdal has a privilege escalation bug when storing\nforwarded credentials. The code allowes a user to overwrite a file\nwith its credential cache, and get ownership of the file.", "modified": "2020-02-02T00:00:00", "id": "FREEBSD_PKG_B62C80C2B81A11DABEC500123FFE8333.NASL", "href": "https://www.tenable.com/plugins/nessus/21499", "published": "2006-05-13T00:00:00", "title": "FreeBSD : heimdal -- Multiple vulnerabilities (b62c80c2-b81a-11da-bec5-00123ffe8333)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(21499);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2019/08/02 13:32:38\");\n\n script_cve_id(\"CVE-2005-0469\", \"CVE-2005-2040\", \"CVE-2006-0582\", \"CVE-2006-0677\");\n\n script_name(english:\"FreeBSD : heimdal -- Multiple vulnerabilities (b62c80c2-b81a-11da-bec5-00123ffe8333)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A Project heimdal Security Advisory reports :\n\nThe telnet client program in Heimdal has buffer overflows in the\nfunctions slc_add_reply() and env_opt_add(), which may lead to remote\ncode execution.\n\nThe telnetd server program in Heimdal has buffer overflows in the\nfunction getterminaltype, which may lead to remote code execution.\n\nThe rshd server in Heimdal has a privilege escalation bug when storing\nforwarded credentials. The code allowes a user to overwrite a file\nwith its credential cache, and get ownership of the file.\"\n );\n # http://www.pdc.kth.se/heimdal/advisory/2005-04-20\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.pdc.kth.se/heimdal/advisory/2005-04-20\"\n );\n # http://www.pdc.kth.se/heimdal/advisory/2005-06-20\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.pdc.kth.se/heimdal/advisory/2005-06-20\"\n );\n # http://www.pdc.kth.se/heimdal/advisory/2006-02-06\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.pdc.kth.se/heimdal/advisory/2006-02-06\"\n );\n # https://vuxml.freebsd.org/freebsd/b62c80c2-b81a-11da-bec5-00123ffe8333.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?023a6fbf\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:heimdal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/02/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/05/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"heimdal<0.6.6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-10-28T21:22:08", "bulletinFamily": "scanner", "description": "The remote host is missing the patch for the advisory SUSE-SA:2006:011 (heimdal).\n\n\nHeimdal is a Kerberos 5 implementation from the Royal Institut of Techno-\nlogy in Stockholm.\nThis update fixes two bugs in heimdal. The first one occurs in the rsh\ndaemon and allows an authenticated malicious user to gain ownership of\nfiles that belong to other users (CVE-2006-0582).\nThe second bug affects the telnet server and can be used to crash the server\nbefore authentication happens. It is even a denial-of-service attack when\nthe telnetd is started via inetd because inetd stops forking the daemon\nwhen it forks too fast (CVE-2006-0677).", "modified": "2006-03-06T00:00:00", "id": "SUSE_SA_2006_011.NASL", "href": "https://www.tenable.com/plugins/nessus/21013", "published": "2006-03-06T00:00:00", "title": "SUSE-SA:2006:011: heimdal", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# This plugin text was extracted from SuSE Security Advisory SUSE-SA:2006:011\n#\n\n\nif ( ! defined_func(\"bn_random\") ) exit(0);\n\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(21013);\n script_version (\"1.6\");\n \n name[\"english\"] = \"SUSE-SA:2006:011: heimdal\";\n \n script_name(english:name[\"english\"]);\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a vendor-supplied security patch\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is missing the patch for the advisory SUSE-SA:2006:011 (heimdal).\n\n\nHeimdal is a Kerberos 5 implementation from the Royal Institut of Techno-\nlogy in Stockholm.\nThis update fixes two bugs in heimdal. The first one occurs in the rsh\ndaemon and allows an authenticated malicious user to gain ownership of\nfiles that belong to other users (CVE-2006-0582).\nThe second bug affects the telnet server and can be used to crash the server\nbefore authentication happens. It is even a denial-of-service attack when\nthe telnetd is started via inetd because inetd stops forking the daemon\nwhen it forks too fast (CVE-2006-0677).\" );\n script_set_attribute(attribute:\"solution\", value:\n\"http://www.suse.de/security/advisories/2006_11_heimdal.html\" );\n script_set_attribute(attribute:\"risk_factor\", value:\"Medium\" );\n\n\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2006/03/06\");\n script_end_attributes();\n\n \n summary[\"english\"] = \"Check for the version of the heimdal package\";\n script_summary(english:summary[\"english\"]);\n \n script_category(ACT_GATHER_INFO);\n \n script_copyright(english:\"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.\");\n family[\"english\"] = \"SuSE Local Security Checks\";\n script_family(english:family[\"english\"]);\n \n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/SuSE/rpm-list\");\n exit(0);\n}\n\ninclude(\"rpm.inc\");\nif ( rpm_check( reference:\"heimdal-0.6.1rc3-55.21\", release:\"SUSE9.1\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"heimdal-devel-0.6.1rc3-55.21\", release:\"SUSE9.1\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"heimdal-lib-0.6.1rc3-55.21\", release:\"SUSE9.1\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"heimdal-0.6.2-8.6\", release:\"SUSE9.2\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"heimdal-devel-0.6.2-8.6\", release:\"SUSE9.2\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"heimdal-lib-0.6.2-8.6\", release:\"SUSE9.2\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"heimdal-tools-0.6.2-8.4\", release:\"SUSE9.2\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"heimdal-tools-devel-0.6.2-8.4\", release:\"SUSE9.2\") )\n{\n security_warning(0);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-02-01T07:05:30", "bulletinFamily": "scanner", "description": "Two vulnerabilities have been discovered in heimdal, a free\nimplementation of Kerberos 5. The Common Vulnerabilities and Exposures\nproject identifies the following vulnerabilities :\n\n - CVE-2006-0582\n Privilege escalation in the rsh server allows an\n authenticated attacker to overwrite arbitrary files and\n gain ownership of them.\n\n - CVE-2006-0677\n A remote attacker could force the telnet server to crash\n before the user logged in, resulting in inetd turning\n telnetd off because it forked too fast.\n\nThe old stable distribution (woody) does not expose rsh and telnet\nservers.", "modified": "2020-02-02T00:00:00", "id": "DEBIAN_DSA-977.NASL", "href": "https://www.tenable.com/plugins/nessus/22843", "published": "2006-10-14T00:00:00", "title": "Debian DSA-977-1 : heimdal - several vulnerabilities", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-977. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(22843);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/08/02 13:32:20\");\n\n script_cve_id(\"CVE-2006-0582\", \"CVE-2006-0677\");\n script_xref(name:\"DSA\", value:\"977\");\n\n script_name(english:\"Debian DSA-977-1 : heimdal - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two vulnerabilities have been discovered in heimdal, a free\nimplementation of Kerberos 5. The Common Vulnerabilities and Exposures\nproject identifies the following vulnerabilities :\n\n - CVE-2006-0582\n Privilege escalation in the rsh server allows an\n authenticated attacker to overwrite arbitrary files and\n gain ownership of them.\n\n - CVE-2006-0677\n A remote attacker could force the telnet server to crash\n before the user logged in, resulting in inetd turning\n telnetd off because it forked too fast.\n\nThe old stable distribution (woody) does not expose rsh and telnet\nservers.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-0582\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-0677\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2006/dsa-977\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the heimdal packages.\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 0.6.3-10sarge2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:heimdal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/10/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/02/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-clients\", reference:\"0.6.3-10sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-clients-x\", reference:\"0.6.3-10sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-dev\", reference:\"0.6.3-10sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-docs\", reference:\"0.6.3-10sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-kdc\", reference:\"0.6.3-10sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-servers\", reference:\"0.6.3-10sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-servers-x\", reference:\"0.6.3-10sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libasn1-6-heimdal\", reference:\"0.6.3-10sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libgssapi1-heimdal\", reference:\"0.6.3-10sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libhdb7-heimdal\", reference:\"0.6.3-10sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkadm5clnt4-heimdal\", reference:\"0.6.3-10sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkadm5srv7-heimdal\", reference:\"0.6.3-10sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkafs0-heimdal\", reference:\"0.6.3-10sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkrb5-17-heimdal\", reference:\"0.6.3-10sarge2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-10-28T21:22:07", "bulletinFamily": "scanner", "description": "The remote host is missing the patch for the advisory SUSE-SA:2005:040 (heimdal).\n\n\nA remote buffer overflow has been fixed in the heimdal / kerberos\ntelnetd daemon which could lead to a remote user executing code as\nroot by overflowing a buffer.\n\nThis attack requires the use of the kerberized telnetd of the heimdal\nsuite, which is not used by default on SUSE systems.\n\nThis is tracked by the Mitre CVE ID CVE-2005-2040.", "modified": "2005-07-20T00:00:00", "id": "SUSE_SA_2005_040.NASL", "href": "https://www.tenable.com/plugins/nessus/19249", "published": "2005-07-20T00:00:00", "title": "SUSE-SA:2005:040: heimdal", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# This plugin text was extracted from SuSE Security Advisory SUSE-SA:2005:040\n#\n\n\nif ( ! defined_func(\"bn_random\") ) exit(0);\n\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(19249);\n script_version (\"1.8\");\n \n name[\"english\"] = \"SUSE-SA:2005:040: heimdal\";\n \n script_name(english:name[\"english\"]);\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a vendor-supplied security patch\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is missing the patch for the advisory SUSE-SA:2005:040 (heimdal).\n\n\nA remote buffer overflow has been fixed in the heimdal / kerberos\ntelnetd daemon which could lead to a remote user executing code as\nroot by overflowing a buffer.\n\nThis attack requires the use of the kerberized telnetd of the heimdal\nsuite, which is not used by default on SUSE systems.\n\nThis is tracked by the Mitre CVE ID CVE-2005-2040.\" );\n script_set_attribute(attribute:\"solution\", value:\n\"http://www.suse.de/security/advisories/2005_40_heimdal.html\" );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\" );\n\n\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2005/07/20\");\n script_end_attributes();\n\n \n summary[\"english\"] = \"Check for the version of the heimdal package\";\n script_summary(english:summary[\"english\"]);\n \n script_category(ACT_GATHER_INFO);\n \n script_copyright(english:\"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.\");\n family[\"english\"] = \"SuSE Local Security Checks\";\n script_family(english:family[\"english\"]);\n \n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/SuSE/rpm-list\");\n exit(0);\n}\n\ninclude(\"rpm.inc\");\nif ( rpm_check( reference:\"heimdal-0.4e-413\", release:\"SUSE8.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"heimdal-0.6-165\", release:\"SUSE9.0\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"heimdal-0.6.1rc3-55.18\", release:\"SUSE9.1\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"heimdal-0.6.2-8.4\", release:\"SUSE9.2\") )\n{\n security_hole(0);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-02-01T07:54:49", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-200506-24\n(Heimdal: Buffer overflow vulnerabilities)\n\n It has been reported that the ", "modified": "2020-02-02T00:00:00", "id": "GENTOO_GLSA-200506-24.NASL", "href": "https://www.tenable.com/plugins/nessus/18590", "published": "2005-06-29T00:00:00", "title": "GLSA-200506-24 : Heimdal: Buffer overflow vulnerabilities", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200506-24.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18590);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2019/08/02 13:32:42\");\n\n script_cve_id(\"CVE-2005-2040\");\n script_xref(name:\"GLSA\", value:\"200506-24\");\n\n script_name(english:\"GLSA-200506-24 : Heimdal: Buffer overflow vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200506-24\n(Heimdal: Buffer overflow vulnerabilities)\n\n It has been reported that the 'getterminaltype' function of\n Heimdal's telnetd server is vulnerable to buffer overflows.\n \nImpact :\n\n An attacker could exploit this vulnerability to execute arbitrary\n code with the permission of the telnetd server program.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n # http://www.pdc.kth.se/heimdal/advisory/2005-06-20/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.pdc.kth.se/heimdal/advisory/2005-06-20/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200506-24\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All users should upgrade to the latest available version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-crypt/heimdal-0.6.5'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:heimdal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/06/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-crypt/heimdal\", unaffected:make_list(\"ge 0.6.5\"), vulnerable:make_list(\"lt 0.6.5\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Heimdal\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-02-01T07:05:01", "bulletinFamily": "scanner", "description": "A buffer overflow has been discovered in the telnet server from\nHeimdal, a free implementation of Kerberos 5, that could lead to the\nexecution of arbitrary code.", "modified": "2020-02-02T00:00:00", "id": "DEBIAN_DSA-758.NASL", "href": "https://www.tenable.com/plugins/nessus/19220", "published": "2005-07-18T00:00:00", "title": "Debian DSA-758-1 : heimdal - buffer overflow", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-758. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(19220);\n script_version(\"1.17\");\n script_cvs_date(\"Date: 2019/08/02 13:32:18\");\n\n script_cve_id(\"CVE-2005-2040\");\n script_xref(name:\"DSA\", value:\"758\");\n\n script_name(english:\"Debian DSA-758-1 : heimdal - buffer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A buffer overflow has been discovered in the telnet server from\nHeimdal, a free implementation of Kerberos 5, that could lead to the\nexecution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2005/dsa-758\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the heimdal packages.\n\nFor the old stable distribution (woody) this problem has been fixed in\nversion 0.4e-7.woody.10.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 0.6.3-10sarge1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:heimdal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/07/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/07/18\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/06/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"heimdal-clients\", reference:\"0.4e-7.woody.10\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"heimdal-clients-x\", reference:\"0.4e-7.woody.10\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"heimdal-dev\", reference:\"0.4e-7.woody.10\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"heimdal-docs\", reference:\"0.4e-7.woody.10\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"heimdal-kdc\", reference:\"0.4e-7.woody.10\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"heimdal-lib\", reference:\"0.4e-7.woody.10\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"heimdal-servers\", reference:\"0.4e-7.woody.10\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"heimdal-servers-x\", reference:\"0.4e-7.woody.10\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libasn1-5-heimdal\", reference:\"0.4e-7.woody.10\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libcomerr1-heimdal\", reference:\"0.4e-7.woody.10\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libgssapi1-heimdal\", reference:\"0.4e-7.woody.10\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libhdb7-heimdal\", reference:\"0.4e-7.woody.10\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libkadm5clnt4-heimdal\", reference:\"0.4e-7.woody.10\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libkadm5srv7-heimdal\", reference:\"0.4e-7.woody.10\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libkafs0-heimdal\", reference:\"0.4e-7.woody.10\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libkrb5-17-heimdal\", reference:\"0.4e-7.woody.10\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libotp0-heimdal\", reference:\"0.4e-7.woody.10\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libroken9-heimdal\", reference:\"0.4e-7.woody.10\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libsl0-heimdal\", reference:\"0.4e-7.woody.10\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libss0-heimdal\", reference:\"0.4e-7.woody.10\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-clients\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-clients-x\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-dev\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-docs\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-kdc\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-servers\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-servers-x\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libasn1-6-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libgssapi1-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libhdb7-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkadm5clnt4-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkadm5srv7-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkafs0-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkrb5-17-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-02-01T02:38:24", "bulletinFamily": "scanner", "description": "A remote Denial of Service vulnerability was discovered in the heimdal\nimplementation of the telnet daemon. A remote attacker could force the\nserver to crash due to a NULL de-reference before the user logged in,\nresulting in inetd turning telnetd off because it forked too fast.\n\nPlease note that the heimdal-servers package is not officially\nsupported in Ubuntu (it is in the ", "modified": "2020-02-02T00:00:00", "id": "UBUNTU_USN-253-1.NASL", "href": "https://www.tenable.com/plugins/nessus/21061", "published": "2006-03-13T00:00:00", "title": "Ubuntu 4.10 / 5.04 / 5.10 : heimdal vulnerability (USN-253-1)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-253-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(21061);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2019/08/02 13:33:00\");\n\n script_cve_id(\"CVE-2006-0677\");\n script_xref(name:\"USN\", value:\"253-1\");\n\n script_name(english:\"Ubuntu 4.10 / 5.04 / 5.10 : heimdal vulnerability (USN-253-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A remote Denial of Service vulnerability was discovered in the heimdal\nimplementation of the telnet daemon. A remote attacker could force the\nserver to crash due to a NULL de-reference before the user logged in,\nresulting in inetd turning telnetd off because it forked too fast.\n\nPlease note that the heimdal-servers package is not officially\nsupported in Ubuntu (it is in the 'universe' component of the\narchive). However, this affects you if you use a customized version\nbuilt from the heimdal source package (which is supported).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:heimdal-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:heimdal-clients-x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:heimdal-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:heimdal-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:heimdal-kdc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:heimdal-servers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:heimdal-servers-x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libasn1-6-heimdal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libgssapi1-heimdal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libhdb7-heimdal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libkadm5clnt4-heimdal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libkadm5srv7-heimdal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libkafs0-heimdal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libkrb5-17-heimdal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:4.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/03/13\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/02/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2006-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(4\\.10|5\\.04|5\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 4.10 / 5.04 / 5.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"4.10\", pkgname:\"heimdal-clients\", pkgver:\"0.6.2-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"heimdal-clients-x\", pkgver:\"0.6.2-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"heimdal-dev\", pkgver:\"0.6.2-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"heimdal-docs\", pkgver:\"0.6.2-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"heimdal-kdc\", pkgver:\"0.6.2-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"heimdal-servers\", pkgver:\"0.6.2-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"heimdal-servers-x\", pkgver:\"0.6.2-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"libasn1-6-heimdal\", pkgver:\"0.6.2-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"libgssapi1-heimdal\", pkgver:\"0.6.2-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"libhdb7-heimdal\", pkgver:\"0.6.2-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"libkadm5clnt4-heimdal\", pkgver:\"0.6.2-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"libkadm5srv7-heimdal\", pkgver:\"0.6.2-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"libkafs0-heimdal\", pkgver:\"0.6.2-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"libkrb5-17-heimdal\", pkgver:\"0.6.2-3ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"heimdal-clients\", pkgver:\"0.6.3-7ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"heimdal-clients-x\", pkgver:\"0.6.3-7ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"heimdal-dev\", pkgver:\"0.6.3-7ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"heimdal-docs\", pkgver:\"0.6.3-7ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"heimdal-kdc\", pkgver:\"0.6.3-7ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"heimdal-servers\", pkgver:\"0.6.3-7ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"heimdal-servers-x\", pkgver:\"0.6.3-7ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"libasn1-6-heimdal\", pkgver:\"0.6.3-7ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"libgssapi1-heimdal\", pkgver:\"0.6.3-7ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"libhdb7-heimdal\", pkgver:\"0.6.3-7ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"libkadm5clnt4-heimdal\", pkgver:\"0.6.3-7ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"libkadm5srv7-heimdal\", pkgver:\"0.6.3-7ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"libkafs0-heimdal\", pkgver:\"0.6.3-7ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"libkrb5-17-heimdal\", pkgver:\"0.6.3-7ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"heimdal-clients\", pkgver:\"0.6.3-11ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"heimdal-clients-x\", pkgver:\"0.6.3-11ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"heimdal-dev\", pkgver:\"0.6.3-11ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"heimdal-docs\", pkgver:\"0.6.3-11ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"heimdal-kdc\", pkgver:\"0.6.3-11ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"heimdal-servers\", pkgver:\"0.6.3-11ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"heimdal-servers-x\", pkgver:\"0.6.3-11ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libasn1-6-heimdal\", pkgver:\"0.6.3-11ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libgssapi1-heimdal\", pkgver:\"0.6.3-11ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libhdb7-heimdal\", pkgver:\"0.6.3-11ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libkadm5clnt4-heimdal\", pkgver:\"0.6.3-11ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libkadm5srv7-heimdal\", pkgver:\"0.6.3-11ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libkafs0-heimdal\", pkgver:\"0.6.3-11ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libkrb5-17-heimdal\", pkgver:\"0.6.3-11ubuntu1.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"heimdal-clients / heimdal-clients-x / heimdal-dev / heimdal-docs / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-02-01T07:04:54", "bulletinFamily": "scanner", "description": "Gael Delalleau discovered a buffer overflow in the handling of the\nLINEMODE suboptions in telnet clients. This can lead to the execution\nof arbitrary code when connected to a malicious server.", "modified": "2020-02-02T00:00:00", "id": "DEBIAN_DSA-699.NASL", "href": "https://www.tenable.com/plugins/nessus/17641", "published": "2005-03-29T00:00:00", "title": "Debian DSA-699-1 : netkit-telnet-ssl - buffer overflow", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-699. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(17641);\n script_version(\"1.25\");\n script_cvs_date(\"Date: 2019/08/02 13:32:18\");\n\n script_cve_id(\"CVE-2005-0469\");\n script_xref(name:\"CERT\", value:\"291924\");\n script_xref(name:\"DSA\", value:\"699\");\n\n script_name(english:\"Debian DSA-699-1 : netkit-telnet-ssl - buffer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Gael Delalleau discovered a buffer overflow in the handling of the\nLINEMODE suboptions in telnet clients. This can lead to the execution\nof arbitrary code when connected to a malicious server.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2005/dsa-699\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the telnet-ssl package.\n\nFor the stable distribution (woody) this problem has been fixed in\nversion 0.17.17+0.1-2woody4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:netkit-telnet-ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/03/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/03/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/03/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"telnet-ssl\", reference:\"0.17.17+0.1-2woody4\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"telnetd-ssl\", reference:\"0.17.17+0.1-2woody4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-02-01T07:54:50", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-200603-14\n(Heimdal: rshd privilege escalation)\n\n An unspecified privilege escalation vulnerability in the rshd\n server of Heimdal has been reported.\n \nImpact :\n\n Authenticated users could exploit the vulnerability to escalate\n privileges or to change the ownership and content of arbitrary files.\n \nWorkaround :\n\n There is no known workaround at this time.", "modified": "2020-02-02T00:00:00", "id": "GENTOO_GLSA-200603-14.NASL", "href": "https://www.tenable.com/plugins/nessus/21095", "published": "2006-03-18T00:00:00", "title": "GLSA-200603-14 : Heimdal: rshd privilege escalation", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200603-14.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(21095);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/08/02 13:32:43\");\n\n script_cve_id(\"CVE-2006-0582\");\n script_xref(name:\"GLSA\", value:\"200603-14\");\n\n script_name(english:\"GLSA-200603-14 : Heimdal: rshd privilege escalation\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200603-14\n(Heimdal: rshd privilege escalation)\n\n An unspecified privilege escalation vulnerability in the rshd\n server of Heimdal has been reported.\n \nImpact :\n\n Authenticated users could exploit the vulnerability to escalate\n privileges or to change the ownership and content of arbitrary files.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n # http://www.pdc.kth.se/heimdal/advisory/2006-02-06/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.pdc.kth.se/heimdal/advisory/2006-02-06/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200603-14\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Heimdal users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-crypt/heimdal-0.7.2'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:heimdal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/03/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/03/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-crypt/heimdal\", unaffected:make_list(\"ge 0.7.2\"), vulnerable:make_list(\"lt 0.7.2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:qpkg_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Heimdal\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-02-01T02:38:22", "bulletinFamily": "scanner", "description": "A privilege escalation flaw has been found in the heimdal rsh (remote\nshell) server. This allowed an authenticated attacker to overwrite\narbitrary files and gain ownership of them.\n\nPlease note that the heimdal-servers package is not officially\nsupported in Ubuntu (it is in the ", "modified": "2020-02-02T00:00:00", "id": "UBUNTU_USN-247-1.NASL", "href": "https://www.tenable.com/plugins/nessus/21055", "published": "2006-03-13T00:00:00", "title": "Ubuntu 4.10 / 5.04 / 5.10 : heimdal vulnerability (USN-247-1)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-247-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(21055);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2019/08/02 13:33:00\");\n\n script_cve_id(\"CVE-2006-0582\");\n script_xref(name:\"USN\", value:\"247-1\");\n\n script_name(english:\"Ubuntu 4.10 / 5.04 / 5.10 : heimdal vulnerability (USN-247-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A privilege escalation flaw has been found in the heimdal rsh (remote\nshell) server. This allowed an authenticated attacker to overwrite\narbitrary files and gain ownership of them.\n\nPlease note that the heimdal-servers package is not officially\nsupported in Ubuntu (it is in the 'universe' component of the\narchive). However, this affects you if you use a customized version\nbuilt from the heimdal source package (which is supported).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:heimdal-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:heimdal-clients-x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:heimdal-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:heimdal-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:heimdal-kdc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:heimdal-servers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:heimdal-servers-x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libasn1-6-heimdal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libgssapi1-heimdal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libhdb7-heimdal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libkadm5clnt4-heimdal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libkadm5srv7-heimdal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libkafs0-heimdal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libkrb5-17-heimdal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:4.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/02/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/03/13\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/02/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2006-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(4\\.10|5\\.04|5\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 4.10 / 5.04 / 5.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"4.10\", pkgname:\"heimdal-clients\", pkgver:\"0.6.2-3ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"heimdal-clients-x\", pkgver:\"0.6.2-3ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"heimdal-dev\", pkgver:\"0.6.2-3ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"heimdal-docs\", pkgver:\"0.6.2-3ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"heimdal-kdc\", pkgver:\"0.6.2-3ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"heimdal-servers\", pkgver:\"0.6.2-3ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"heimdal-servers-x\", pkgver:\"0.6.2-3ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"libasn1-6-heimdal\", pkgver:\"0.6.2-3ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"libgssapi1-heimdal\", pkgver:\"0.6.2-3ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"libhdb7-heimdal\", pkgver:\"0.6.2-3ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"libkadm5clnt4-heimdal\", pkgver:\"0.6.2-3ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"libkadm5srv7-heimdal\", pkgver:\"0.6.2-3ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"libkafs0-heimdal\", pkgver:\"0.6.2-3ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"libkrb5-17-heimdal\", pkgver:\"0.6.2-3ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"heimdal-clients\", pkgver:\"0.6.3-7ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"heimdal-clients-x\", pkgver:\"0.6.3-7ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"heimdal-dev\", pkgver:\"0.6.3-7ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"heimdal-docs\", pkgver:\"0.6.3-7ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"heimdal-kdc\", pkgver:\"0.6.3-7ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"heimdal-servers\", pkgver:\"0.6.3-7ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"heimdal-servers-x\", pkgver:\"0.6.3-7ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"libasn1-6-heimdal\", pkgver:\"0.6.3-7ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"libgssapi1-heimdal\", pkgver:\"0.6.3-7ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"libhdb7-heimdal\", pkgver:\"0.6.3-7ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"libkadm5clnt4-heimdal\", pkgver:\"0.6.3-7ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"libkadm5srv7-heimdal\", pkgver:\"0.6.3-7ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"libkafs0-heimdal\", pkgver:\"0.6.3-7ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"libkrb5-17-heimdal\", pkgver:\"0.6.3-7ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"heimdal-clients\", pkgver:\"0.6.3-11ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"heimdal-clients-x\", pkgver:\"0.6.3-11ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"heimdal-dev\", pkgver:\"0.6.3-11ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"heimdal-docs\", pkgver:\"0.6.3-11ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"heimdal-kdc\", pkgver:\"0.6.3-11ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"heimdal-servers\", pkgver:\"0.6.3-11ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"heimdal-servers-x\", pkgver:\"0.6.3-11ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libasn1-6-heimdal\", pkgver:\"0.6.3-11ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libgssapi1-heimdal\", pkgver:\"0.6.3-11ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libhdb7-heimdal\", pkgver:\"0.6.3-11ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libkadm5clnt4-heimdal\", pkgver:\"0.6.3-11ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libkadm5srv7-heimdal\", pkgver:\"0.6.3-11ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libkafs0-heimdal\", pkgver:\"0.6.3-11ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libkrb5-17-heimdal\", pkgver:\"0.6.3-11ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"heimdal-clients / heimdal-clients-x / heimdal-dev / heimdal-docs / etc\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}], "debian": [{"lastseen": "2019-05-30T02:23:03", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 977-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nFebruary 16th, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : heimdal\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE IDs : CVE-2006-0582 CVE-2006-0677\nCERT advisory : \nBugTraq ID : \nDebian Bug : \n\nTwo vulnerabilities have been discovered in heimdal, a free\nimplementation of Kerberos 5. The Common Vulnerabilities and\nExposures project identifies the following vulnerabilities:\n\nCVE-2006-0582\n\n Privilege escalation in the rsh server allows an authenticated\n attacker to overwrite arbitrary files and gain ownership of them.\n\nCVE-2006-0677\n\n A remote attacker could force the telnet server to crash before\n the user logged in, resulting in inetd turning telnetd off because\n it forked too fast.\n\nThe old stable distribution (woody) does not expose rsh and telnet servers.\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 0.6.3-10sarge2.\n\nFor the unstable distribution (sid) these problems will be fixed soon.\n\nWe recommend that you upgrade your heimdal packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.6.3-10sarge2.dsc\n Size/MD5 checksum: 1022 e10ac60af505b2c808c8e06109237753\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.6.3-10sarge2.diff.gz\n Size/MD5 checksum: 3220033 df09ee1a184485a19e6985b75d5f96cf\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.6.3.orig.tar.gz\n Size/MD5 checksum: 3321408 2a9d4bfbdaade7132279758ccd5c0c4f\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-docs_0.6.3-10sarge2_all.deb\n Size/MD5 checksum: 1166966 4e8c53168e9d1c884cc288d5fe3df8d1\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.6.3-10sarge2_alpha.deb\n Size/MD5 checksum: 308168 d3dec13290df9230d69cc52655c023d2\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge2_alpha.deb\n Size/MD5 checksum: 70068 eb02f90108c50bfe2edf48c41d49ca4b\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.6.3-10sarge2_alpha.deb\n Size/MD5 checksum: 584820 8cfceef35c62d06fa50d8c690b025459\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.6.3-10sarge2_alpha.deb\n Size/MD5 checksum: 146738 7b513c8d5db45e7ca49a8a66297446ea\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.6.3-10sarge2_alpha.deb\n Size/MD5 checksum: 197460 44958184561d6014ba189d096c56da76\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.6.3-10sarge2_alpha.deb\n Size/MD5 checksum: 46004 40ca4b4bfaa57adabeb9145612a47fc1\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-6-heimdal_0.6.3-10sarge2_alpha.deb\n Size/MD5 checksum: 77658 3d66c5918c0b37c6e489679914218eb7\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.6.3-10sarge2_alpha.deb\n Size/MD5 checksum: 57760 22fee002e9dfbdc56cc63edd740ae6d4\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.6.3-10sarge2_alpha.deb\n Size/MD5 checksum: 54470 dc7803799fee7d03d9bab860507eb19d\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.6.3-10sarge2_alpha.deb\n Size/MD5 checksum: 39528 af0a21decdadd174d6940f4f1ef2f5d3\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.6.3-10sarge2_alpha.deb\n Size/MD5 checksum: 50552 c3a1f1f7900a81942bd418a81e97a150\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.6.3-10sarge2_alpha.deb\n Size/MD5 checksum: 38752 b9e9389950f3725f7f05e17274b6a6e1\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.6.3-10sarge2_alpha.deb\n Size/MD5 checksum: 157166 a55fc05a97a33b70a06167ebbe3fb77d\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.6.3-10sarge2_amd64.deb\n Size/MD5 checksum: 278562 efb82c9064af44b973ff55b1ee861f61\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge2_amd64.deb\n Size/MD5 checksum: 66104 f6a3836d17846185a5faffe5d129744d\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.6.3-10sarge2_amd64.deb\n Size/MD5 checksum: 471726 489cca63277b77aa71fb10521f73fdda\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.6.3-10sarge2_amd64.deb\n Size/MD5 checksum: 136088 edf527cd867f5aaf2f973cbeef7c4b87\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.6.3-10sarge2_amd64.deb\n Size/MD5 checksum: 176986 83afbcd448d68088a9cc8faf08a16098\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.6.3-10sarge2_amd64.deb\n Size/MD5 checksum: 43224 5709c72070fd717af264069408a21654\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-6-heimdal_0.6.3-10sarge2_amd64.deb\n Size/MD5 checksum: 76946 e62281d669e215b7a4a4237d62ce9c84\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.6.3-10sarge2_amd64.deb\n Size/MD5 checksum: 53722 d41adf4bc367f61d2c3df6eef087f6cb\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.6.3-10sarge2_amd64.deb\n Size/MD5 checksum: 53280 f9e877adf55190db75433c1bf1c88c60\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.6.3-10sarge2_amd64.deb\n Size/MD5 checksum: 38402 116c38d3d37143bab2dacb20d950efbe\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.6.3-10sarge2_amd64.deb\n Size/MD5 checksum: 48712 88b7d654753b0a0233228dedda33e319\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.6.3-10sarge2_amd64.deb\n Size/MD5 checksum: 37336 6def1fb454c66692efa21cc2a79b06d6\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.6.3-10sarge2_amd64.deb\n Size/MD5 checksum: 143916 814278fa66f0d60d3befd289dced1d6a\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.6.3-10sarge2_arm.deb\n Size/MD5 checksum: 252008 16774d5e4f558af2f2f69c6f0dd82b49\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge2_arm.deb\n Size/MD5 checksum: 61834 09eae77631fc52ff1b5c5a527316e6db\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.6.3-10sarge2_arm.deb\n Size/MD5 checksum: 438256 d2c01b64fbcbfdcb734d2f9d28325d36\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.6.3-10sarge2_arm.deb\n Size/MD5 checksum: 124384 be3b9af9bf14fa2674833b361a23d3cd\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.6.3-10sarge2_arm.deb\n Size/MD5 checksum: 160202 4541ae8a15b806d1543b0c38d44b1790\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.6.3-10sarge2_arm.deb\n Size/MD5 checksum: 40562 8e81e4b4dd54b6f01517cc81099070d6\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-6-heimdal_0.6.3-10sarge2_arm.deb\n Size/MD5 checksum: 69310 fc602b684a11928c7689bbc522fd585f\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.6.3-10sarge2_arm.deb\n Size/MD5 checksum: 49976 ddd2a83b7a7ae8e073963ffd6275c84f\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.6.3-10sarge2_arm.deb\n Size/MD5 checksum: 48846 ea9c744c55b867a7644d1585867528ed\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.6.3-10sarge2_arm.deb\n Size/MD5 checksum: 35796 8f0ab4830278c14a9ecd27fc50bd57f9\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.6.3-10sarge2_arm.deb\n Size/MD5 checksum: 43680 ea9404504494f9c06251a338905d7403\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.6.3-10sarge2_arm.deb\n Size/MD5 checksum: 34978 83c5c78107bb94f1496219fc29cf356a\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.6.3-10sarge2_arm.deb\n Size/MD5 checksum: 122806 e084fecf1817edaa50c8834141b456bb\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.6.3-10sarge2_i386.deb\n Size/MD5 checksum: 253024 095b7895ebf45d2884cfa07d47e111fc\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge2_i386.deb\n Size/MD5 checksum: 62224 08bbbd9955100f562691e02f2e94a0dc\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.6.3-10sarge2_i386.deb\n Size/MD5 checksum: 420202 8ff98ab463f9375391797a115c42821f\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.6.3-10sarge2_i386.deb\n Size/MD5 checksum: 126940 f845aa5b23a492a335f870dec75f04da\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.6.3-10sarge2_i386.deb\n Size/MD5 checksum: 162378 a93e74e250f61363c5a83d6e4a31959b\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.6.3-10sarge2_i386.deb\n Size/MD5 checksum: 41428 c7f2e3548ee7e5ddfe6993328852edd6\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-6-heimdal_0.6.3-10sarge2_i386.deb\n Size/MD5 checksum: 75802 5f6a83946f6b8ce519ae9f98f00fa711\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.6.3-10sarge2_i386.deb\n Size/MD5 checksum: 52022 06f2bf9be33e1bdd8664685fea4202dd\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.6.3-10sarge2_i386.deb\n Size/MD5 checksum: 51270 bf3a7a9e63b2fb8a21c7d4621580cf91\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.6.3-10sarge2_i386.deb\n Size/MD5 checksum: 37184 0007b5c855739fb5d36ef5206e02ed9f\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.6.3-10sarge2_i386.deb\n Size/MD5 checksum: 46586 7b3b77f29b3fe448427e8b7f0e880a11\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.6.3-10sarge2_i386.deb\n Size/MD5 checksum: 36120 c5de63ff37629be92d4e9ba69bdec37d\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.6.3-10sarge2_i386.deb\n Size/MD5 checksum: 132878 c800b72bfed47f4d297b517cd46b2b23\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.6.3-10sarge2_ia64.deb\n Size/MD5 checksum: 359684 3f89b62694dba5abf5a4f904295c4afc\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge2_ia64.deb\n Size/MD5 checksum: 76322 666102cdf71b3aa70d6ae9a0953901dd\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.6.3-10sarge2_ia64.deb\n Size/MD5 checksum: 574446 24cfec6a894bed516ed31b52abc87674\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.6.3-10sarge2_ia64.deb\n Size/MD5 checksum: 167470 566591403cf6fd985f0a038ba8a7b84a\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.6.3-10sarge2_ia64.deb\n Size/MD5 checksum: 223840 70dfbc8ac68fb1ca1d9aa23771517b44\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.6.3-10sarge2_ia64.deb\n Size/MD5 checksum: 49062 a490d5d259e12ae4b7c946d2f2f63d38\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-6-heimdal_0.6.3-10sarge2_ia64.deb\n Size/MD5 checksum: 86966 4fd49ad65267ec59f77110184c1c49b7\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.6.3-10sarge2_ia64.deb\n Size/MD5 checksum: 63298 4d94187db188607071d34eab1af32ed1\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.6.3-10sarge2_ia64.deb\n Size/MD5 checksum: 61766 0a691141fca338a4b142ea0db98d5123\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.6.3-10sarge2_ia64.deb\n Size/MD5 checksum: 41848 6a8e2618ecd56af7a1e9f501c7d0f808\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.6.3-10sarge2_ia64.deb\n Size/MD5 checksum: 55212 73fed674b63b8572da72e3ba86da5ec4\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.6.3-10sarge2_ia64.deb\n Size/MD5 checksum: 41782 62a5b908aa424f6bfe45907ed2137a52\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.6.3-10sarge2_ia64.deb\n Size/MD5 checksum: 181324 dfc849b3b38fcfe039b0ef2003d25c6c\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.6.3-10sarge2_hppa.deb\n Size/MD5 checksum: 282562 345796850062c1019b97e687b052a47c\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge2_hppa.deb\n Size/MD5 checksum: 65862 7ad8b87c9f664cf0855ffd8834a14319\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.6.3-10sarge2_hppa.deb\n Size/MD5 checksum: 472902 5170ae4e84357e0748d9d8e0900054b9\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.6.3-10sarge2_hppa.deb\n Size/MD5 checksum: 134316 5537896e01aa9c0dc1d0bb1f8bad4870\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.6.3-10sarge2_hppa.deb\n Size/MD5 checksum: 178012 eb355699315286f0ec9a2ec620bcf61a\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.6.3-10sarge2_hppa.deb\n Size/MD5 checksum: 42800 ee2f4e7743292c846e6dee48c8c42dc9\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-6-heimdal_0.6.3-10sarge2_hppa.deb\n Size/MD5 checksum: 75876 e98c4350cea1fb10560083cfe0772c1f\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.6.3-10sarge2_hppa.deb\n Size/MD5 checksum: 54084 21292023be20d864fb94a919fd76b32d\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.6.3-10sarge2_hppa.deb\n Size/MD5 checksum: 54618 ca993b4b2c35be3bfdc1f05d976ea681\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.6.3-10sarge2_hppa.deb\n Size/MD5 checksum: 38596 36331ca10868ead56c7b02fffb453af3\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.6.3-10sarge2_hppa.deb\n Size/MD5 checksum: 49014 7918b3107fdb8068e13d67b1ae6dbe72\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.6.3-10sarge2_hppa.deb\n Size/MD5 checksum: 38150 6f0e5f85b0624ab8646b75413eb21a01\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.6.3-10sarge2_hppa.deb\n Size/MD5 checksum: 149118 6952c32cf7b1ac93a9dc2b5fd4b31e82\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.6.3-10sarge2_m68k.deb\n Size/MD5 checksum: 238546 64969d98e1d59e73e0311df841dab969\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge2_m68k.deb\n Size/MD5 checksum: 59806 4024904f586f9ae555c6b74338287c51\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.6.3-10sarge2_m68k.deb\n Size/MD5 checksum: 386518 6d7701aa9e7fa04184f7a76cdc897f31\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.6.3-10sarge2_m68k.deb\n Size/MD5 checksum: 121714 e599a14f334f282c394e8991a6acaa6c\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.6.3-10sarge2_m68k.deb\n Size/MD5 checksum: 149354 0cb258e342dc2b6ecaf6cf9fd3e82b59\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.6.3-10sarge2_m68k.deb\n Size/MD5 checksum: 40100 b12e4d1f35a19985d02c096e8cd45f38\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-6-heimdal_0.6.3-10sarge2_m68k.deb\n Size/MD5 checksum: 62774 2b045ce0eb7d02f2409fb4583f992bc7\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.6.3-10sarge2_m68k.deb\n Size/MD5 checksum: 49024 b12967671830fde5fac964d8c8f06fc5\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.6.3-10sarge2_m68k.deb\n Size/MD5 checksum: 48238 3a567410926d2de691d53545a218356f\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.6.3-10sarge2_m68k.deb\n Size/MD5 checksum: 36126 ef23ecc33c0b8ba2b525aa1096dd1861\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.6.3-10sarge2_m68k.deb\n Size/MD5 checksum: 44148 189e4f57b0d0fc6f3ec50bcfa5b422b9\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.6.3-10sarge2_m68k.deb\n Size/MD5 checksum: 35148 2ef92b05e4522c44c184149c6660114f\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.6.3-10sarge2_m68k.deb\n Size/MD5 checksum: 122890 79088d5df6abc2f1fa607cc484f425d5\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.6.3-10sarge2_mips.deb\n Size/MD5 checksum: 304102 6d480252912fd1ce32bfa827287369fc\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge2_mips.deb\n Size/MD5 checksum: 64830 13dbdb0677038db374a63992690c236a\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.6.3-10sarge2_mips.deb\n Size/MD5 checksum: 475062 9be38e31d4b8f3eec269c5ad2c714201\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.6.3-10sarge2_mips.deb\n Size/MD5 checksum: 145792 9b0c6b487097f8138007bb7a7c1ed2bf\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.6.3-10sarge2_mips.deb\n Size/MD5 checksum: 178858 671ddaad1853d4d4403561778b406fef\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.6.3-10sarge2_mips.deb\n Size/MD5 checksum: 43108 48d33736a237c639097af6f1b6755867\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-6-heimdal_0.6.3-10sarge2_mips.deb\n Size/MD5 checksum: 67504 705dcfd8ad9980314467851fcb0ed150\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.6.3-10sarge2_mips.deb\n Size/MD5 checksum: 50972 aeb27bb296bfbdc4257a4d41d52e7b9b\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.6.3-10sarge2_mips.deb\n Size/MD5 checksum: 49892 d78d82ca357a0f4d83caf405f6df1afe\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.6.3-10sarge2_mips.deb\n Size/MD5 checksum: 36948 94b37bee2a659ae60f22d90efc6cc24b\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.6.3-10sarge2_mips.deb\n Size/MD5 checksum: 45722 7da2fb362d462a5a81246c42d6a6ad7a\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.6.3-10sarge2_mips.deb\n Size/MD5 checksum: 36642 d16a318061526d97be0ccb7b69dfd6e5\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.6.3-10sarge2_mips.deb\n Size/MD5 checksum: 136546 d9b59743566f6ae54283e538164aaddd\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.6.3-10sarge2_mipsel.deb\n Size/MD5 checksum: 303770 193b9dcc657a4617aee83bccd8f51521\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge2_mipsel.deb\n Size/MD5 checksum: 64836 23430f0c4319990f0fe14e7c333fad33\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.6.3-10sarge2_mipsel.deb\n Size/MD5 checksum: 475892 666ef86c4bc5e742cda43bc8eac1a1f3\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.6.3-10sarge2_mipsel.deb\n Size/MD5 checksum: 145968 70f141e3a42087a983c8a77ee035fcb9\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.6.3-10sarge2_mipsel.deb\n Size/MD5 checksum: 178692 fb76ef8c826b3b61128dd87049551750\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.6.3-10sarge2_mipsel.deb\n Size/MD5 checksum: 43064 f67aba409c832f4d5f957cbe7d318c97\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-6-heimdal_0.6.3-10sarge2_mipsel.deb\n Size/MD5 checksum: 66966 eb35e18dc6a72e638a7036bf4ae40819\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.6.3-10sarge2_mipsel.deb\n Size/MD5 checksum: 50952 273ec332cdc3e4c1be461f52bff51269\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.6.3-10sarge2_mipsel.deb\n Size/MD5 checksum: 49644 1f8d69286675079276cb095c87d193c7\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.6.3-10sarge2_mipsel.deb\n Size/MD5 checksum: 36822 87bb578cb7d69ee8317bcc23cc8609f7\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.6.3-10sarge2_mipsel.deb\n Size/MD5 checksum: 45614 bd9e21a8ca7109de4e2f8785eb2955e3\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.6.3-10sarge2_mipsel.deb\n Size/MD5 checksum: 36660 e066186853493a021b12c5924a021a2e\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.6.3-10sarge2_mipsel.deb\n Size/MD5 checksum: 135588 e80babce9b56d393eaa7317f8f85bcfa\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.6.3-10sarge2_powerpc.deb\n Size/MD5 checksum: 285114 b2e5662295b29a94f16553dde81f4c4b\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge2_powerpc.deb\n Size/MD5 checksum: 66366 29b55b0a0c37d34ee4824463e7e29d77\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.6.3-10sarge2_powerpc.deb\n Size/MD5 checksum: 447702 412884fae086005cbac305dc0a9520fc\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.6.3-10sarge2_powerpc.deb\n Size/MD5 checksum: 139880 0e4e0160598ab1737238ee36b2603d94\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.6.3-10sarge2_powerpc.deb\n Size/MD5 checksum: 174640 90954dc5050720f8dc283a20a2fc9216\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.6.3-10sarge2_powerpc.deb\n Size/MD5 checksum: 43230 af7cb15c62a2bb6dcfde90e6d657c32b\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-6-heimdal_0.6.3-10sarge2_powerpc.deb\n Size/MD5 checksum: 67664 ec11b36e61a7bf21d000c6976e3b8435\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.6.3-10sarge2_powerpc.deb\n Size/MD5 checksum: 53484 f482056647a282c273ff68dedd877395\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.6.3-10sarge2_powerpc.deb\n Size/MD5 checksum: 51510 adb1330dffc3aac84483f1b996d8f8e2\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.6.3-10sarge2_powerpc.deb\n Size/MD5 checksum: 38116 40bc44f8f04564dcd3b03f807c3a3116\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.6.3-10sarge2_powerpc.deb\n Size/MD5 checksum: 47596 987efb593aa10b278745dae8d6dbb425\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.6.3-10sarge2_powerpc.deb\n Size/MD5 checksum: 38186 7085f96d3b800e8b70ba90ba5e2a38b2\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.6.3-10sarge2_powerpc.deb\n Size/MD5 checksum: 135990 a56809a8f541be1741c4a474d9d8c0fe\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.6.3-10sarge2_s390.deb\n Size/MD5 checksum: 273176 8e7dabaeec5664bf1bd55eef0e8542db\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge2_s390.deb\n Size/MD5 checksum: 65380 e4e1d5df8d5976ea10f833b168a36cd8\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.6.3-10sarge2_s390.deb\n Size/MD5 checksum: 451490 850d40f1004c8f851cf1f5ccd805c7d4\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.6.3-10sarge2_s390.deb\n Size/MD5 checksum: 134184 b16df02132587697d32e929654579521\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.6.3-10sarge2_s390.deb\n Size/MD5 checksum: 177260 036625e25b2c0cf8ce2c3c7119cd539d\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.6.3-10sarge2_s390.deb\n Size/MD5 checksum: 43098 73b1d17f38918628b204494269c696d0\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-6-heimdal_0.6.3-10sarge2_s390.deb\n Size/MD5 checksum: 73762 de3a61c6b126b4dec165070e5826e47a\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.6.3-10sarge2_s390.deb\n Size/MD5 checksum: 54840 401afa79056a47af71a76304e0919ea5\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.6.3-10sarge2_s390.deb\n Size/MD5 checksum: 53532 8acf1ac5cdc7587ae23bfde6ede3be49\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.6.3-10sarge2_s390.deb\n Size/MD5 checksum: 38266 76a05ba1c70fdd6c1500703f04a36502\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.6.3-10sarge2_s390.deb\n Size/MD5 checksum: 48958 241223bcef51c769b5ba5a7f54422b65\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.6.3-10sarge2_s390.deb\n Size/MD5 checksum: 37710 984099f6da5d17cb0b498e7ab884444d\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.6.3-10sarge2_s390.deb\n Size/MD5 checksum: 151668 8acf34f0d5aae2f2eabb1028c6692d02\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.6.3-10sarge2_sparc.deb\n Size/MD5 checksum: 251694 83fd9620c1f944b2a7dc4bd350b5fc6c\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge2_sparc.deb\n Size/MD5 checksum: 61200 f5b50fcb6b8769d15b7fdf1cda65c3af\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.6.3-10sarge2_sparc.deb\n Size/MD5 checksum: 411580 e68162ff9195fafb453583ae2376b476\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.6.3-10sarge2_sparc.deb\n Size/MD5 checksum: 122446 f0bfca04d84e3b66aff03e0de1a01219\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.6.3-10sarge2_sparc.deb\n Size/MD5 checksum: 160942 667353263890ca7b35f4b6ea1139b0e8\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.6.3-10sarge2_sparc.deb\n Size/MD5 checksum: 40400 7f6d034dd8eceddc7894d9aed3141e25\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-6-heimdal_0.6.3-10sarge2_sparc.deb\n Size/MD5 checksum: 63272 db66800a6cc1dbc618b9a5f7f98040d6\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.6.3-10sarge2_sparc.deb\n Size/MD5 checksum: 49804 8c209d0f5cc9bb20fa9f7d441c81a360\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.6.3-10sarge2_sparc.deb\n Size/MD5 checksum: 48756 2e8b526b2a22023f9cf68be03507b09c\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.6.3-10sarge2_sparc.deb\n Size/MD5 checksum: 35876 7c0565f301e0c88f76e7f056de9141f1\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.6.3-10sarge2_sparc.deb\n Size/MD5 checksum: 44334 deaf7ac9178e9c4b5b077c2c1f6d9009\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.6.3-10sarge2_sparc.deb\n Size/MD5 checksum: 35464 149a92914dc99002162d03037fc098dc\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.6.3-10sarge2_sparc.deb\n Size/MD5 checksum: 125432 22e248894abbb22ae7482e2cc97eff13\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2006-02-16T00:00:00", "published": "2006-02-16T00:00:00", "id": "DEBIAN:DSA-977-1:58496", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00054.html", "title": "[SECURITY] [DSA 977-1] New heimdal packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-30T02:23:09", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 758-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nJuly 18th, 2005 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : heimdal\nVulnerability : buffer overflow\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CAN-2005-2040\n\nA buffer overflow has been discovered in the telnet server from\nHeimdal, a free implementation of Kerberos 5, that could lead to the\nexecution of arbitrary code.\n \nFor the old stable distribution (woody) this problem has been fixed in\nversion 0.4e-7.woody.10.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 0.6.3-10sarge1.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 0.6.3-11.\n\nWe recommend that you upgrade your heimdal packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e-7.woody.10.dsc\n Size/MD5 checksum: 1065 7ab9f0c64ced324bfb35f4963ff9d771\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e-7.woody.10.diff.gz\n Size/MD5 checksum: 1294453 511f3ad987650f6a3d2cdf06b13638e3\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e.orig.tar.gz\n Size/MD5 checksum: 2885718 1d27b06ec2f818f5b4ae2b90ca0e9cb8\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-docs_0.4e-7.woody.10_all.deb\n Size/MD5 checksum: 1056308 50a3b8454c1f6efb536d107160532afd\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-lib_0.4e-7.woody.10_all.deb\n Size/MD5 checksum: 20268 efcb77f3efe78cb0eb15c8b1bf803678\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.10_alpha.deb\n Size/MD5 checksum: 275104 2fd4f435a24bb4b24f0bbf2879e96a58\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.10_alpha.deb\n Size/MD5 checksum: 60978 da925e20a137c786dcb859fe7beaf8af\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.10_alpha.deb\n Size/MD5 checksum: 573644 de0c74bb6a7cefb28ce042d6c17bbfe5\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.10_alpha.deb\n Size/MD5 checksum: 135134 96147ec3483cd472eae87a10dbb83c9c\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.10_alpha.deb\n Size/MD5 checksum: 181794 cadd8631fca4e41d7a11bb46ccc81343\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.10_alpha.deb\n Size/MD5 checksum: 39822 e466bf90bef7f0101d496e8911f15112\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.10_alpha.deb\n Size/MD5 checksum: 65500 3d1eab0c9800638972cef01a56ab7811\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.10_alpha.deb\n Size/MD5 checksum: 23860 087601c1b16638690844b919e4d698cf\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.10_alpha.deb\n Size/MD5 checksum: 43328 95c2cb58ecd02edcd8778631a459c51e\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.10_alpha.deb\n Size/MD5 checksum: 41846 60ca065a35b8db16c39ce935dad90c0e\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.10_alpha.deb\n Size/MD5 checksum: 33886 b3212804f150c66e0ea73d9941967cfe\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.10_alpha.deb\n Size/MD5 checksum: 44706 7c258203ae105cfeda6b8b2bbe95d1c0\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.10_alpha.deb\n Size/MD5 checksum: 31442 e9250e68a9ef0e700a6f6df32da881cc\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.10_alpha.deb\n Size/MD5 checksum: 134020 2d95f8506758be4a3a8c603675c89bb2\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.10_alpha.deb\n Size/MD5 checksum: 65906 2c3fef9e9d6fbe5c19cd4d324ca198e4\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.10_alpha.deb\n Size/MD5 checksum: 59320 dbe9176fd5a289b8c65b062aad714551\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.10_alpha.deb\n Size/MD5 checksum: 28500 6ebd0b905505525568cfbb0ed43ed4a9\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.10_alpha.deb\n Size/MD5 checksum: 29386 e68ce9207af3956bfa85408377c7ddf6\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.10_arm.deb\n Size/MD5 checksum: 227060 f07e9613f0f77aa51bf11bfe7af3452d\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.10_arm.deb\n Size/MD5 checksum: 53928 4b524838020052066df2bed317d352bf\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.10_arm.deb\n Size/MD5 checksum: 441576 e15699c2aeefb505d3b6f4ff20c555ab\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.10_arm.deb\n Size/MD5 checksum: 110254 a450e035d1e05775497a9b02b435d208\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.10_arm.deb\n Size/MD5 checksum: 147992 6d4e37964b4b9c431bbf334f94c54f3a\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.10_arm.deb\n Size/MD5 checksum: 35510 fbc41bfc56728ca67c39f194669cd334\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.10_arm.deb\n Size/MD5 checksum: 57190 b992cd47b25120ed555661f654049bfe\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.10_arm.deb\n Size/MD5 checksum: 23382 60e95958092a58d9a08800cf36b86843\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.10_arm.deb\n Size/MD5 checksum: 38560 2a2d2eccd2220b6b78dbd51219230799\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.10_arm.deb\n Size/MD5 checksum: 38272 b546abdd507de68efadb7509ed125545\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.10_arm.deb\n Size/MD5 checksum: 31814 ecaff31e00b14bf6f09f36b143dedb5d\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.10_arm.deb\n Size/MD5 checksum: 39974 fb8facb18c31a27cb82a72cb1aa6529c\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.10_arm.deb\n Size/MD5 checksum: 29800 59931918b2d0d3d72de2e178513f550d\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.10_arm.deb\n Size/MD5 checksum: 112432 ea4cee6fad8ea595fc5343d4990a9a0b\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.10_arm.deb\n Size/MD5 checksum: 51932 c37e4fbbd3e02d3146660e3b675d9897\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.10_arm.deb\n Size/MD5 checksum: 53384 1c4a5ec42c341b3f508efd83c3538bef\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.10_arm.deb\n Size/MD5 checksum: 28888 07cf06ac45cde83a255b31d660d9057a\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.10_arm.deb\n Size/MD5 checksum: 29606 198930ed40252e2f00f49e0b7ae5d723\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.10_i386.deb\n Size/MD5 checksum: 219908 74575b09a666aee9a259936c53fe7f8b\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.10_i386.deb\n Size/MD5 checksum: 52662 62ceaea7b0815ceefe5af27fe57a7101\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.10_i386.deb\n Size/MD5 checksum: 405266 0c945a3b6e402771a9e5ae75c1d39856\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.10_i386.deb\n Size/MD5 checksum: 109902 1131d20f0af1c33a3dfd6cda7c23bf2d\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.10_i386.deb\n Size/MD5 checksum: 144274 2a1e3525634a3bd5f2aafbb69a0f595d\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.10_i386.deb\n Size/MD5 checksum: 35638 7ad0df72b44014df12436020dfb116bf\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.10_i386.deb\n Size/MD5 checksum: 59812 aa483ece16bc3281e10d31114161d932\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.10_i386.deb\n Size/MD5 checksum: 23276 1def10897d88f5a5022d5226ccfed17a\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.10_i386.deb\n Size/MD5 checksum: 38650 5610a655b7ea8f4bfac44b7b91a5ea45\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.10_i386.deb\n Size/MD5 checksum: 38578 8187806c438a506aa425ee3762adb73e\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.10_i386.deb\n Size/MD5 checksum: 32038 bde733150ccb6a0368a186bc5a4d549f\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.10_i386.deb\n Size/MD5 checksum: 40036 643b2bcd0ec845a27a2cffca8e86d32e\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.10_i386.deb\n Size/MD5 checksum: 29678 32a682d7ff2f7427ff9063b36bf6eb65\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.10_i386.deb\n Size/MD5 checksum: 111288 a3df06fa6b4b6ec7e9e323a21284f538\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.10_i386.deb\n Size/MD5 checksum: 51784 0784e01b5f80902bc7a0c8ebb37d3128\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.10_i386.deb\n Size/MD5 checksum: 51666 969e674493caae33103894a44b34f152\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.10_i386.deb\n Size/MD5 checksum: 27466 c921b95f7f94a9f9521c75ea205b0a17\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.10_i386.deb\n Size/MD5 checksum: 28188 6a73dd828074e9f6cc349e0d8ee599cc\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.10_ia64.deb\n Size/MD5 checksum: 334878 b101cf6f0cd9d48ecbf2f1b25ca8d50d\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.10_ia64.deb\n Size/MD5 checksum: 69060 02c0446dc56661307b434eb731593750\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.10_ia64.deb\n Size/MD5 checksum: 613402 2e762e25c31929300a8d3d200440ba16\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.10_ia64.deb\n Size/MD5 checksum: 154136 b32a84fefb497f7d32abfd32f7762fd4\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.10_ia64.deb\n Size/MD5 checksum: 210498 76078a643a27f3b4ec4704663654a8fa\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.10_ia64.deb\n Size/MD5 checksum: 44182 64e9f3832139389134504af740863239\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.10_ia64.deb\n Size/MD5 checksum: 82072 271529ab870441365a7a2ed4f2f376f9\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.10_ia64.deb\n Size/MD5 checksum: 24740 a75761130e329ace6b70d2daa64ae513\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.10_ia64.deb\n Size/MD5 checksum: 50146 f8fd91ab08052a296079d28aae5350ce\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.10_ia64.deb\n Size/MD5 checksum: 48576 7781ab0da166208281777e7febbc8366\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.10_ia64.deb\n Size/MD5 checksum: 37720 f74230ec977a0da95321c62dd4c4b125\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.10_ia64.deb\n Size/MD5 checksum: 52178 d7599b123b1712fb314e758ee49d488b\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.10_ia64.deb\n Size/MD5 checksum: 35218 26d8bd49d1ab57f6565c96aac925be8d\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.10_ia64.deb\n Size/MD5 checksum: 169728 08b97733f41e559a602c1115d720af87\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.10_ia64.deb\n Size/MD5 checksum: 64862 41fc6e19341afb85c808c077c4625079\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.10_ia64.deb\n Size/MD5 checksum: 68650 e28faf18aa4852083fba2b2d1b3be17e\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.10_ia64.deb\n Size/MD5 checksum: 30684 5d6fa4b9a4a93337daa9a7d902c7f924\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.10_ia64.deb\n Size/MD5 checksum: 31906 df628dc281ed6d77623280ad158ea4dd\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.10_hppa.deb\n Size/MD5 checksum: 256728 3d5b681a73be740bca85deb6b7cd90fd\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.10_hppa.deb\n Size/MD5 checksum: 57414 030587882624cad7e5ff6548871b6cdf\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.10_hppa.deb\n Size/MD5 checksum: 516046 5a4e72ef6543a2fa99ceafe6cd679a75\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.10_hppa.deb\n Size/MD5 checksum: 119280 d6682da42268c59602af988ec2105988\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.10_hppa.deb\n Size/MD5 checksum: 162962 ce191e8668c15c83d7d750c23a5f5d2c\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.10_hppa.deb\n Size/MD5 checksum: 37754 c9d84a1c0ec5f0bd38839e0d7edcf0b8\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.10_hppa.deb\n Size/MD5 checksum: 69356 171e7152eb1bcd3540db3dc3e29cc9e8\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.10_hppa.deb\n Size/MD5 checksum: 23920 7725910ef63c999d3e97d9036b6e129b\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.10_hppa.deb\n Size/MD5 checksum: 42178 b5c58429baa4c552c17a5fc7e37dec5d\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.10_hppa.deb\n Size/MD5 checksum: 43512 6f9a1e1799a06ea682cb53852a1b1262\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.10_hppa.deb\n Size/MD5 checksum: 34348 c16ccc8c07dd73f0e1497d00f4357b9c\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.10_hppa.deb\n Size/MD5 checksum: 45146 64a16b92342f23d406010087800a1b75\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.10_hppa.deb\n Size/MD5 checksum: 32026 52b7e5194edf4547d8c6864ee625532e\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.10_hppa.deb\n Size/MD5 checksum: 139910 53980e9c883a8576399643744126e19e\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.10_hppa.deb\n Size/MD5 checksum: 70170 77d1ad3a2c05720030444aee7e483f39\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.10_hppa.deb\n Size/MD5 checksum: 60526 c593229ea3306a68a1fd1f6bfe65735a\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.10_hppa.deb\n Size/MD5 checksum: 30758 8a5781af0dae59b23fe6033dd92f3bc6\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.10_hppa.deb\n Size/MD5 checksum: 31636 a24e11bb5d94fa7782979be787da3dc4\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.10_m68k.deb\n Size/MD5 checksum: 211724 f13ddb4e1c5a09157aa7fa073ea71492\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.10_m68k.deb\n Size/MD5 checksum: 52126 e6666997cf9129699075d51e5d162b4e\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.10_m68k.deb\n Size/MD5 checksum: 399316 2f3fa0fb24bb80421470cda068f85279\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.10_m68k.deb\n Size/MD5 checksum: 105634 b3acfd6d461f1c1c1f697ddf8fc15aec\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.10_m68k.deb\n Size/MD5 checksum: 138258 09cf422a498f2d72f1b49e9ab1841705\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.10_m68k.deb\n Size/MD5 checksum: 35124 55684cae736a60c75945c83a703447ef\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.10_m68k.deb\n Size/MD5 checksum: 55440 d82eb77141fcfb1792bc40177301ea4f\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.10_m68k.deb\n Size/MD5 checksum: 23382 6fc639ca550c917e32338c612787a0a6\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.10_m68k.deb\n Size/MD5 checksum: 38170 99904feb096d4ec150a141938762d232\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.10_m68k.deb\n Size/MD5 checksum: 37946 1f70518abe9b0d442ca4c650624663a7\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.10_m68k.deb\n Size/MD5 checksum: 31670 407adeced92fc3e008c35dff657ba1ea\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.10_m68k.deb\n Size/MD5 checksum: 39808 5204065d13dc9a317a4371b6e12f2d6d\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.10_m68k.deb\n Size/MD5 checksum: 29394 41c5e697dfe01342da77ce6ce0f0cf4c\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.10_m68k.deb\n Size/MD5 checksum: 110980 6fedb23813ccedeabcedde674e5fda2b\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.10_m68k.deb\n Size/MD5 checksum: 68680 54448675d2d85ef8a60b1da463a30add\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.10_m68k.deb\n Size/MD5 checksum: 49914 b9b9ab03c8d990776db37ad19bd1113b\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.10_m68k.deb\n Size/MD5 checksum: 27416 aec9e39fbc711a135230110705c1dd68\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.10_m68k.deb\n Size/MD5 checksum: 28156 1e4e26652e0077c27c5680dc41603919\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.10_mips.deb\n Size/MD5 checksum: 248802 275bf4a8c4276f5f676dbf3912736387\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.10_mips.deb\n Size/MD5 checksum: 55538 4bcf388ec76524fc5b008197de351347\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.10_mips.deb\n Size/MD5 checksum: 505196 8947fd74d667f620e468b5466765d861\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.10_mips.deb\n Size/MD5 checksum: 114864 7ef1eedb8f978159c91635556f969bae\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.10_mips.deb\n Size/MD5 checksum: 160200 31709ff2a56f0ab372b09bf287b23ee8\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.10_mips.deb\n Size/MD5 checksum: 37356 0f12814470b851b8021d8ad0e495ff48\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.10_mips.deb\n Size/MD5 checksum: 58310 b99626d4d029da9265c7d847f8d11d36\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.10_mips.deb\n Size/MD5 checksum: 23560 bffe5122169e6a05dc8618331ebe5bdf\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.10_mips.deb\n Size/MD5 checksum: 39498 2c4142b9a32054275b9ce9c1b2d3c655\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.10_mips.deb\n Size/MD5 checksum: 38978 cd76a531bb7e514b91368cd9a476fe14\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.10_mips.deb\n Size/MD5 checksum: 32094 5e36ead224b26c9a9e75aaccda2e1fc1\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.10_mips.deb\n Size/MD5 checksum: 40702 4eeeb0fec90bd646c4fa00f23b273ac9\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.10_mips.deb\n Size/MD5 checksum: 30346 c94c1be45847b69a6f347b682840a094\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.10_mips.deb\n Size/MD5 checksum: 120568 6aabd8bf1bcc28f88491d31c3d4d950b\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.10_mips.deb\n Size/MD5 checksum: 57440 7727bc947f32f46687153c088a3ee155\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.10_mips.deb\n Size/MD5 checksum: 53314 6e73f89e35920d9d831a62f8bf3f7f03\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.10_mips.deb\n Size/MD5 checksum: 28486 0794ffa1b7d968cf79b3a2007b08d424\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.10_mips.deb\n Size/MD5 checksum: 29160 8f36598a97e94693ff909ab65e06db95\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.10_mipsel.deb\n Size/MD5 checksum: 247934 96d981f9490782ae18083b9dbe3a48a7\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.10_mipsel.deb\n Size/MD5 checksum: 55518 9871aadf10a765cbc48f04d8d4a3b910\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.10_mipsel.deb\n Size/MD5 checksum: 499370 4c60e28af7d56f3a649b7aca144d208f\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.10_mipsel.deb\n Size/MD5 checksum: 114818 f92eeb6632d7572b81beff11f6e588e0\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.10_mipsel.deb\n Size/MD5 checksum: 160304 329c7b78365f510037d2d7c258d9d93e\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.10_mipsel.deb\n Size/MD5 checksum: 37274 393cb280c8600505269f4cdbaaf0a081\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.10_mipsel.deb\n Size/MD5 checksum: 57918 1ebaccc5e5527be40f5bb18a784ddbb9\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.10_mipsel.deb\n Size/MD5 checksum: 23564 b0a8f6b3e0903ff9d0bba2d789b32369\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.10_mipsel.deb\n Size/MD5 checksum: 39194 b6ac3815632d6b4ddcf9983dec29f49e\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.10_mipsel.deb\n Size/MD5 checksum: 38682 8f8525afbe997b2f84bcc7b1538bc6a7\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.10_mipsel.deb\n Size/MD5 checksum: 32008 739792b3d75953fbe926342a8e4d097b\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.10_mipsel.deb\n Size/MD5 checksum: 40328 e75d8ad4b33ec4c3b764431636e0e25d\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.10_mipsel.deb\n Size/MD5 checksum: 30320 5c7ddbbf1d76ec4e49679db99b95f4a6\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.10_mipsel.deb\n Size/MD5 checksum: 119490 b14327a208ce1674697fb9af6523b1a3\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.10_mipsel.deb\n Size/MD5 checksum: 52652 4b1ab7e59bfbd49e292ed2f8c09dad60\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.10_mipsel.deb\n Size/MD5 checksum: 53380 6a48ba529b5ebd14908232ec49ddf7f6\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.10_mipsel.deb\n Size/MD5 checksum: 28558 afb83f9e25176d9e2b8d96d552f2b3bc\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.10_mipsel.deb\n Size/MD5 checksum: 29240 1ce9838ab42a37ebfeb1e6f68df75ecb\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.10_powerpc.deb\n Size/MD5 checksum: 228208 899ac33b29d3e970f75cf2a2cc9d6362\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.10_powerpc.deb\n Size/MD5 checksum: 53858 a0adc156d61e09c8cbb4cc4bbb1e59e6\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.10_powerpc.deb\n Size/MD5 checksum: 466490 45d4f54e7b027c8364f28097bb87c1b4\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.10_powerpc.deb\n Size/MD5 checksum: 110106 1fae61d2af588afe54ccc8e88aa04f6f\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.10_powerpc.deb\n Size/MD5 checksum: 149232 0d1e737e72def7f7197006f55cb40039\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.10_powerpc.deb\n Size/MD5 checksum: 36186 1e750b38c8b2fa6744494b8e08038e97\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.10_powerpc.deb\n Size/MD5 checksum: 57194 9fe36da88cdb3ab78076221659bfa779\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.10_powerpc.deb\n Size/MD5 checksum: 23552 1b00bce315e162e87f4aab69c23d60a4\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.10_powerpc.deb\n Size/MD5 checksum: 39336 34e20ec4d1fa631dc1e7b0f94a33d4ed\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.10_powerpc.deb\n Size/MD5 checksum: 38594 ea115c38a45107eb566e85ece6e9cd1b\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.10_powerpc.deb\n Size/MD5 checksum: 31762 7e5dbb0c413e5716e38baceab5987c78\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.10_powerpc.deb\n Size/MD5 checksum: 40072 3d3078c0f9ddb9d77aefc59ec9bbb978\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.10_powerpc.deb\n Size/MD5 checksum: 30220 9adb1e6a094752dcb3da093656ecbcea\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.10_powerpc.deb\n Size/MD5 checksum: 118888 e8cea82a6bcef399ed3a0bbaba5952cf\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.10_powerpc.deb\n Size/MD5 checksum: 69370 62abcf493008e2833d9db451024b52cf\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.10_powerpc.deb\n Size/MD5 checksum: 53790 c8377d98cbb572eeb9ab9edac840e3d5\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.10_powerpc.deb\n Size/MD5 checksum: 28702 6c60a4428dab361ec778d7ae813fe853\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.10_powerpc.deb\n Size/MD5 checksum: 29526 f74ea5913676afabce29b7cd91edf4c7\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.10_s390.deb\n Size/MD5 checksum: 234880 f1e8e99f3907dc01668af7f14027b612\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.10_s390.deb\n Size/MD5 checksum: 55668 94bf00dde77273c10e1f8dfd3b7ed413\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.10_s390.deb\n Size/MD5 checksum: 433294 3ca2e737e777cafdc060e69357dde4f3\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.10_s390.deb\n Size/MD5 checksum: 115962 00c300addabd06450a787b26273fcaf3\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.10_s390.deb\n Size/MD5 checksum: 153802 904c3c252d62c76be8a9139e20233191\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.10_s390.deb\n Size/MD5 checksum: 36944 48c6adb1d626f89f6819732ac81b5f46\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.10_s390.deb\n Size/MD5 checksum: 58328 acc587dde7a74af7b933c343b472ae87\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.10_s390.deb\n Size/MD5 checksum: 23628 388ee3e89833a2b086c04fd7eabf070e\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.10_s390.deb\n Size/MD5 checksum: 41050 1e272f9e24901ab52af1c41e12a26561\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.10_s390.deb\n Size/MD5 checksum: 39810 1053a5a6d881dd122bbf86bd305616cc\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.10_s390.deb\n Size/MD5 checksum: 32994 5a95cc49d8dd1615de35b2d031a0b99a\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.10_s390.deb\n Size/MD5 checksum: 41870 b7ec695f44663e2ed4adda736417625d\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.10_s390.deb\n Size/MD5 checksum: 30362 171aa57077b8b4ea309ac88329471b48\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.10_s390.deb\n Size/MD5 checksum: 125394 0b2a69769c71bff60d39e6e1dcf6ebba\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.10_s390.deb\n Size/MD5 checksum: 69524 217572a5e2feacf47a94349c175e8f60\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.10_s390.deb\n Size/MD5 checksum: 54578 3d891a33e0f4c31936b1e201d7defbd0\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.10_s390.deb\n Size/MD5 checksum: 28658 91297779d86523dfe64b9f1247714d09\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.10_s390.deb\n Size/MD5 checksum: 29476 5ce36fcb1bd49af69ae00c9cd42445fc\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.10_sparc.deb\n Size/MD5 checksum: 227092 00fe2fe7f80a719e7421fa9873140e49\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.10_sparc.deb\n Size/MD5 checksum: 53984 ab9fc84d7506c20337e28ad289502fa2\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.10_sparc.deb\n Size/MD5 checksum: 430504 2e64914efe7102dd7a99fc012807a946\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.10_sparc.deb\n Size/MD5 checksum: 107708 0ff06b8bf9a4dd2edf5b066ac01c2914\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.10_sparc.deb\n Size/MD5 checksum: 151554 478182fe6acfcfe9046c348ee52710b6\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.10_sparc.deb\n Size/MD5 checksum: 35614 c1648d2b22429e9657cf56ff9c15cfef\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.10_sparc.deb\n Size/MD5 checksum: 54820 7acb09ad252ce8bb8416a2cab72b9741\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.10_sparc.deb\n Size/MD5 checksum: 26224 09c6d263403424b541683ccd5598de04\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.10_sparc.deb\n Size/MD5 checksum: 39072 c80f6bfe67061bb5cf0f6c0f68ff3521\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.10_sparc.deb\n Size/MD5 checksum: 37966 8edd7585e5f3c1f388b9edc63963a084\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.10_sparc.deb\n Size/MD5 checksum: 31710 7054828cc518a4f9b122e56af9fcb7a0\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.10_sparc.deb\n Size/MD5 checksum: 39852 34381df40fd6c7beed337e1556b3ae79\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.10_sparc.deb\n Size/MD5 checksum: 29666 496e01f7eb6a0399b10fffc49e81c008\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.10_sparc.deb\n Size/MD5 checksum: 112366 2fbd292e5676b7a2b5b26d715ce61c05\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.10_sparc.deb\n Size/MD5 checksum: 58300 b418e27dbd60821ae7cd17fc7d820da6\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.10_sparc.deb\n Size/MD5 checksum: 55418 03b5eb94480366bef6ccec429fe5178c\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.10_sparc.deb\n Size/MD5 checksum: 28226 1af6808c94ab33cbbe57f35c6d016f25\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.10_sparc.deb\n Size/MD5 checksum: 28920 4ce6264e282be4744111ff23831a71a4\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.6.3-10sarge1.dsc\n Size/MD5 checksum: 1022 aefe3b5825de6b39fae7c9b60b5fb328\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.6.3-10sarge1.diff.gz\n Size/MD5 checksum: 3219171 413f5a92bc107a66198afaf5418edf2d\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.6.3.orig.tar.gz\n Size/MD5 checksum: 3321408 2a9d4bfbdaade7132279758ccd5c0c4f\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-docs_0.6.3-10sarge1_all.deb\n Size/MD5 checksum: 1166880 22941935ab756ad815004348cd2b7a36\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.6.3-10sarge1_alpha.deb\n Size/MD5 checksum: 308120 5d02ab90c5848bb3a5340ddfe6af8062\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge1_alpha.deb\n Size/MD5 checksum: 69990 3a8f20a69b3ec341a7b0e7100eb6328a\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.6.3-10sarge1_alpha.deb\n Size/MD5 checksum: 584826 e2a8ad8137a47a52f912c35fc13c115f\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.6.3-10sarge1_alpha.deb\n Size/MD5 checksum: 146668 0c1c6c0214cbbb3df92ab3e6fe4f5cb8\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.6.3-10sarge1_alpha.deb\n Size/MD5 checksum: 197394 b82e484f3c02c35afc51578e1d7f9deb\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.6.3-10sarge1_alpha.deb\n Size/MD5 checksum: 45924 5f05a268578cb69e53a818c9d6284c8d\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-6-heimdal_0.6.3-10sarge1_alpha.deb\n Size/MD5 checksum: 77580 3a9c57521cc53ce98d3f5cf806b9b0a6\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.6.3-10sarge1_alpha.deb\n Size/MD5 checksum: 57694 61dfc35101bd955958f304161cda0d52\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.6.3-10sarge1_alpha.deb\n Size/MD5 checksum: 54406 3111f9111896ba507090319de47cdbcf\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.6.3-10sarge1_alpha.deb\n Size/MD5 checksum: 39452 cdeea68c938a52e9292b4881214dc3b1\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.6.3-10sarge1_alpha.deb\n Size/MD5 checksum: 50488 c0bdc1b27ea375180eaa5b11af03bb9f\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.6.3-10sarge1_alpha.deb\n Size/MD5 checksum: 38684 e636a14842c240d223b1f35f6460dbdf\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.6.3-10sarge1_alpha.deb\n Size/MD5 checksum: 157090 17ab3bf13ff09078dffab99e130e3b96\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.6.3-10sarge1_arm.deb\n Size/MD5 checksum: 251908 08c527292ca4b82fa45f35585adecc36\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge1_arm.deb\n Size/MD5 checksum: 61732 46fce02b2bf4dcca8f801b89ebfb9212\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.6.3-10sarge1_arm.deb\n Size/MD5 checksum: 438186 7901338ba2dfe8c5f37b89858d394bf2\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.6.3-10sarge1_arm.deb\n Size/MD5 checksum: 124280 e294d51158df55121113cfdb91b2d19b\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.6.3-10sarge1_arm.deb\n Size/MD5 checksum: 160156 a5e76074d230aa25ce9283c5f7eaad60\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.6.3-10sarge1_arm.deb\n Size/MD5 checksum: 40472 de224355733a71e47a285e0cf1465e59\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-6-heimdal_0.6.3-10sarge1_arm.deb\n Size/MD5 checksum: 69214 773ca7e45bd8a3ba6cdfe3885c31a36b\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.6.3-10sarge1_arm.deb\n Size/MD5 checksum: 49900 9a1d4273081c981165821e3da9c94933\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.6.3-10sarge1_arm.deb\n Size/MD5 checksum: 48754 bb73672d97f9fab25bac36a8d94628de\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.6.3-10sarge1_arm.deb\n Size/MD5 checksum: 35710 0bcb7bacdd2ea1948a732fb7f77f103e\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.6.3-10sarge1_arm.deb\n Size/MD5 checksum: 43592 6662857102d1f40aac653af28ced5ed4\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.6.3-10sarge1_arm.deb\n Size/MD5 checksum: 34902 3dcb74a9a43a58a02b7376a113c84593\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.6.3-10sarge1_arm.deb\n Size/MD5 checksum: 122728 4ed60448fac7dce9b98313d211704c27\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.6.3-10sarge1_i386.deb\n Size/MD5 checksum: 252958 741b320f9ee75851d2182cb80b17a6eb\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge1_i386.deb\n Size/MD5 checksum: 62156 6b1fd01f36520f7adec8c8e03556df00\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.6.3-10sarge1_i386.deb\n Size/MD5 checksum: 420294 659a3c9e42ee21c8798cb8a8b1a837a9\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.6.3-10sarge1_i386.deb\n Size/MD5 checksum: 126864 9ffc91edb6cee5bcf21d344017de7c96\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.6.3-10sarge1_i386.deb\n Size/MD5 checksum: 162410 b28d01fcc40a027a2a11519587f2102e\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.6.3-10sarge1_i386.deb\n Size/MD5 checksum: 41364 3b496983c1ed8983d8dae09172e21b88\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-6-heimdal_0.6.3-10sarge1_i386.deb\n Size/MD5 checksum: 75716 acf3d1361f4127f94893f1ff2c13ff57\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.6.3-10sarge1_i386.deb\n Size/MD5 checksum: 51950 9866840d6c60c089be7fc24ca8c1f989\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.6.3-10sarge1_i386.deb\n Size/MD5 checksum: 51186 ca5e16ff5ac914ac8fec50bdffeee0fc\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.6.3-10sarge1_i386.deb\n Size/MD5 checksum: 37120 24fdaf9d94a49d3c39f45b7b87bc03b7\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.6.3-10sarge1_i386.deb\n Size/MD5 checksum: 46518 00d2b0346657b7a6998c10e941f68fd1\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.6.3-10sarge1_i386.deb\n Size/MD5 checksum: 36046 8bb07f768f380a86d7c650c8e803de6c\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.6.3-10sarge1_i386.deb\n Size/MD5 checksum: 132800 1b616986b604926482a82f97bced4681\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.6.3-10sarge1_ia64.deb\n Size/MD5 checksum: 359580 022ffd8eea6dc8af1d98fa0279442593\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge1_ia64.deb\n Size/MD5 checksum: 76246 f7248dad4465983435d098a1f11bd5e6\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.6.3-10sarge1_ia64.deb\n Size/MD5 checksum: 574354 25801586e5bc492f0e850693f50ffe73\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.6.3-10sarge1_ia64.deb\n Size/MD5 checksum: 167342 7815e2c27ae8766334f197b8b52c9bcf\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.6.3-10sarge1_ia64.deb\n Size/MD5 checksum: 223800 74759d0b0821f63ea385ea74909ee018\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.6.3-10sarge1_ia64.deb\n Size/MD5 checksum: 48978 442fdc473c1b1a33b4659de9b959b12d\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-6-heimdal_0.6.3-10sarge1_ia64.deb\n Size/MD5 checksum: 86870 4f28e39a36869b43440e497ad28df5fe\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.6.3-10sarge1_ia64.deb\n Size/MD5 checksum: 63208 c8f771b4f8a51547cb4d7cbea9a789f9\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.6.3-10sarge1_ia64.deb\n Size/MD5 checksum: 61670 d455df36dc250bc9ec973609c45712aa\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.6.3-10sarge1_ia64.deb\n Size/MD5 checksum: 41754 478bee9dda57c0d37c3c9e1de02e0c16\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.6.3-10sarge1_ia64.deb\n Size/MD5 checksum: 55112 257c97f9e5a1ea34e48c2cea0da2eb03\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.6.3-10sarge1_ia64.deb\n Size/MD5 checksum: 41682 db388cb18aa1e9496f77379a50b7e244\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.6.3-10sarge1_ia64.deb\n Size/MD5 checksum: 181226 128c5b63ab7c13b980f254babfcfddf1\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.6.3-10sarge1_hppa.deb\n Size/MD5 checksum: 282480 c83c0d4c02604e91afdad6f1f03066e7\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge1_hppa.deb\n Size/MD5 checksum: 65780 f27a738b74160c67a8147f33ee6166d3\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.6.3-10sarge1_hppa.deb\n Size/MD5 checksum: 472908 5cdfe06caa44d76257d6608705217ad9\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.6.3-10sarge1_hppa.deb\n Size/MD5 checksum: 134238 a445ce375957e67702913e5ff800ac79\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.6.3-10sarge1_hppa.deb\n Size/MD5 checksum: 177934 7d094d6b4ccff6da65b6ac1ea2e49b9a\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.6.3-10sarge1_hppa.deb\n Size/MD5 checksum: 42712 0e88057ba4e5eba172be6a3959793489\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-6-heimdal_0.6.3-10sarge1_hppa.deb\n Size/MD5 checksum: 75808 7629377c62f91c5564dbcbd41b1840f1\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.6.3-10sarge1_hppa.deb\n Size/MD5 checksum: 54012 d765cc059451c25de6e4c1c8363a196b\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.6.3-10sarge1_hppa.deb\n Size/MD5 checksum: 54540 85a42f97b224be94a66fd8ed0b1eb765\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.6.3-10sarge1_hppa.deb\n Size/MD5 checksum: 38516 b35edccbbdadb8bec222e110d90e83ab\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.6.3-10sarge1_hppa.deb\n Size/MD5 checksum: 48944 e16abdee3033966a9b9d5244bebbe474\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.6.3-10sarge1_hppa.deb\n Size/MD5 checksum: 38070 1beb352b95470ac2e95ad58a69adb7e7\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.6.3-10sarge1_hppa.deb\n Size/MD5 checksum: 149038 68fbb8a7f6eaa924dfced843c083ef72\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.6.3-10sarge1_m68k.deb\n Size/MD5 checksum: 238434 fd5918b1cd84cab343606bfdc39706d9\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge1_m68k.deb\n Size/MD5 checksum: 59712 bb76c1d76c5b5a984e2441513b6c152c\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.6.3-10sarge1_m68k.deb\n Size/MD5 checksum: 386332 b716b5c5a713386663ffa952a3982d97\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.6.3-10sarge1_m68k.deb\n Size/MD5 checksum: 121606 81e7d5cf92337905b13318f05beec94b\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.6.3-10sarge1_m68k.deb\n Size/MD5 checksum: 149306 f288e9a9436b640c0fc659bddb8ec62b\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.6.3-10sarge1_m68k.deb\n Size/MD5 checksum: 40000 744080481ad2eff78c07946abed42a7b\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-6-heimdal_0.6.3-10sarge1_m68k.deb\n Size/MD5 checksum: 62682 8035c126e59b670b1649c9cb6d8f6323\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.6.3-10sarge1_m68k.deb\n Size/MD5 checksum: 48950 72761b5d5ec940051cbed462ec503f8a\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.6.3-10sarge1_m68k.deb\n Size/MD5 checksum: 48150 e52b4b9400705cb8d02e3c93e16f5d7c\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.6.3-10sarge1_m68k.deb\n Size/MD5 checksum: 36046 d2cdc878acd24983b2258c1b1f0f56ad\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.6.3-10sarge1_m68k.deb\n Size/MD5 checksum: 44060 20d868e80cadd60d82d146f436876acf\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.6.3-10sarge1_m68k.deb\n Size/MD5 checksum: 35074 eb2dd274d941119f1102390735577ecb\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.6.3-10sarge1_m68k.deb\n Size/MD5 checksum: 122810 b619da339a25bc2e845d54e166dcd64e\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.6.3-10sarge1_mips.deb\n Size/MD5 checksum: 304042 41d9487dfafdaf6dc24dd08513b15f46\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge1_mips.deb\n Size/MD5 checksum: 64762 f59bcc9ee83644b7a0e9505d2ae98e41\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.6.3-10sarge1_mips.deb\n Size/MD5 checksum: 475270 3d78ee48851df671928befa491631ab7\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.6.3-10sarge1_mips.deb\n Size/MD5 checksum: 145716 d04059f2e693718a2dc1718bea1745ef\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.6.3-10sarge1_mips.deb\n Size/MD5 checksum: 178820 f9a6e1e5d59c193d98e0b3bb3b9372d3\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.6.3-10sarge1_mips.deb\n Size/MD5 checksum: 43046 2e873129924617e635a2f2ee144a75de\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-6-heimdal_0.6.3-10sarge1_mips.deb\n Size/MD5 checksum: 67432 c9c7ee0de8db62059707b3daee0df5b9\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.6.3-10sarge1_mips.deb\n Size/MD5 checksum: 50910 539a2f3cebe8354c1f95ec05e958ae4f\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.6.3-10sarge1_mips.deb\n Size/MD5 checksum: 49822 24cc020b052d4038eacb7285958dfd99\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.6.3-10sarge1_mips.deb\n Size/MD5 checksum: 36878 ada4704c6912614e2207bc28f49859ae\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.6.3-10sarge1_mips.deb\n Size/MD5 checksum: 45658 5119305904b72edccec67903337196d8\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.6.3-10sarge1_mips.deb\n Size/MD5 checksum: 36570 8def55b5d3cebb0960efd7274904d453\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.6.3-10sarge1_mips.deb\n Size/MD5 checksum: 136480 5a8ed544b990ac39e96a705af2c4c545\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.6.3-10sarge1_mipsel.deb\n Size/MD5 checksum: 303714 ff8db093fabb8dbad7a8638f2e14fdb1\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge1_mipsel.deb\n Size/MD5 checksum: 64758 5abee3656278ae17d85e42c15b4bc3e4\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.6.3-10sarge1_mipsel.deb\n Size/MD5 checksum: 475780 57e9bba657094a26a447ec3204f6a29a\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.6.3-10sarge1_mipsel.deb\n Size/MD5 checksum: 145892 7dac6f5f25939cb25138cff0ac5a22d8\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.6.3-10sarge1_mipsel.deb\n Size/MD5 checksum: 178656 3a6d1d682e97948ba7bb7cd398a26709\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.6.3-10sarge1_mipsel.deb\n Size/MD5 checksum: 42976 33952e64d02500ae90f90bf92caf97b0\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-6-heimdal_0.6.3-10sarge1_mipsel.deb\n Size/MD5 checksum: 66884 5ba7bb99fa28afffbaebd829ba4eaa03\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.6.3-10sarge1_mipsel.deb\n Size/MD5 checksum: 50876 b6fe869651d7831052872db1c4ed8416\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.6.3-10sarge1_mipsel.deb\n Size/MD5 checksum: 49560 e77dfcc7141e8d57051a4a810e51ebfa\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.6.3-10sarge1_mipsel.deb\n Size/MD5 checksum: 36744 c279793a6e616e53b8592587ec29e795\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.6.3-10sarge1_mipsel.deb\n Size/MD5 checksum: 45528 f1708175c7715f95d196da76c50ea392\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.6.3-10sarge1_mipsel.deb\n Size/MD5 checksum: 36584 2ba5f408965229c00f71a50b3f717f16\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.6.3-10sarge1_mipsel.deb\n Size/MD5 checksum: 135506 5ec6bb38f1346b19c99eb15bfdbf2605\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.6.3-10sarge1_powerpc.deb\n Size/MD5 checksum: 285020 2843d293a46cdf275d41ca7cfba637a3\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge1_powerpc.deb\n Size/MD5 checksum: 66278 5596ef5ae84c7b07f586bd280e122e31\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.6.3-10sarge1_powerpc.deb\n Size/MD5 checksum: 447444 24d00f940365da8b74fd95018ebb8e23\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.6.3-10sarge1_powerpc.deb\n Size/MD5 checksum: 139786 02a95b57c53caccdd0ecdc32d52b2e08\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.6.3-10sarge1_powerpc.deb\n Size/MD5 checksum: 174588 b3eed16ae89654b2086cd83f38d36d4a\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.6.3-10sarge1_powerpc.deb\n Size/MD5 checksum: 43144 2fbd9c38acd848d646b91edff40938c2\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-6-heimdal_0.6.3-10sarge1_powerpc.deb\n Size/MD5 checksum: 67582 66709679f184d70f7970c9da51bdaf2f\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.6.3-10sarge1_powerpc.deb\n Size/MD5 checksum: 53412 157fc535b511d18c217c28ef269a226a\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.6.3-10sarge1_powerpc.deb\n Size/MD5 checksum: 51424 aff314caa0bfd0b3830149d8471fe8d3\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.6.3-10sarge1_powerpc.deb\n Size/MD5 checksum: 38030 79a1878c228e606e0df707e63e521b6c\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.6.3-10sarge1_powerpc.deb\n Size/MD5 checksum: 47506 657f3ef856f6cc4ea4f3dabf9f8117a3\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.6.3-10sarge1_powerpc.deb\n Size/MD5 checksum: 38100 c5b90151ac5b6e3f4c09e85cbb07ddd4\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.6.3-10sarge1_powerpc.deb\n Size/MD5 checksum: 135902 1580a364864272892a87609a8dfc7290\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.6.3-10sarge1_s390.deb\n Size/MD5 checksum: 273120 127c41fa7f457de3d9aa6aba78f619b8\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge1_s390.deb\n Size/MD5 checksum: 65300 57c076343d66258bc81cb88f06cdd8ff\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.6.3-10sarge1_s390.deb\n Size/MD5 checksum: 451440 73cd0a5330cc3b963bcf388c5c2da1dd\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.6.3-10sarge1_s390.deb\n Size/MD5 checksum: 134100 21951844a061f9991e8bfbfbc5c91908\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.6.3-10sarge1_s390.deb\n Size/MD5 checksum: 177246 55dd710800aa7a8974087312c272a820\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.6.3-10sarge1_s390.deb\n Size/MD5 checksum: 43016 3c07d7f0153a156b1516985385d93909\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-6-heimdal_0.6.3-10sarge1_s390.deb\n Size/MD5 checksum: 73688 71e89ef235ca16791b3bf20597f67bff\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.6.3-10sarge1_s390.deb\n Size/MD5 checksum: 54770 1fea29872becb949246987e838f45bfa\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.6.3-10sarge1_s390.deb\n Size/MD5 checksum: 53452 abdd8400e3af825b6e85d46d120d8e5c\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.6.3-10sarge1_s390.deb\n Size/MD5 checksum: 38196 e24839a04b9694c19291070cf69692ad\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.6.3-10sarge1_s390.deb\n Size/MD5 checksum: 48884 a784ce2f1d5e768eeb48bd4efc907a48\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.6.3-10sarge1_s390.deb\n Size/MD5 checksum: 37634 19449fda755eac6dc13fd5f40652d144\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.6.3-10sarge1_s390.deb\n Size/MD5 checksum: 151590 7dffd2f4151c3b8392bd80ec12458e4a\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.6.3-10sarge1_sparc.deb\n Size/MD5 checksum: 251616 308777716e8e7fe66b6c50a73712da73\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge1_sparc.deb\n Size/MD5 checksum: 61134 8d2cc3b065b467556004a0e275904b06\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.6.3-10sarge1_sparc.deb\n Size/MD5 checksum: 411598 a7a5eca3d6a4a048af2b36cc0103d7ce\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.6.3-10sarge1_sparc.deb\n Size/MD5 checksum: 122382 4829af38898b0f60b10d92dc60a611b4\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.6.3-10sarge1_sparc.deb\n Size/MD5 checksum: 160876 faefb1fccee0affa83bc45386c9a919f\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.6.3-10sarge1_sparc.deb\n Size/MD5 checksum: 40304 05f5599c0be6adbbfe79e2347f5d4de2\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-6-heimdal_0.6.3-10sarge1_sparc.deb\n Size/MD5 checksum: 63194 d923629bdf73ccf1d5d6a9e1baf77aee\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.6.3-10sarge1_sparc.deb\n Size/MD5 checksum: 49724 df9b31b28b85f5f4fddea6c8eb8b6263\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.6.3-10sarge1_sparc.deb\n Size/MD5 checksum: 48674 51d6ffa11da1f6044cfe13dd0c871345\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.6.3-10sarge1_sparc.deb\n Size/MD5 checksum: 35792 bff5f1ba7afce8faf88a5282b2b945ff\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.6.3-10sarge1_sparc.deb\n Size/MD5 checksum: 44258 c732f0293bc8896e9f0cb133d1181551\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.6.3-10sarge1_sparc.deb\n Size/MD5 checksum: 35384 1edeb37bd16bc2ec7b9f330a0425db21\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.6.3-10sarge1_sparc.deb\n Size/MD5 checksum: 125354 ff9e014af2a6dff2c2b21b387d07f8e4\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2005-07-18T00:00:00", "published": "2005-07-18T00:00:00", "id": "DEBIAN:DSA-758-1:1C328", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00145.html", "title": "[SECURITY] [DSA 758-1] New heimdal packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-30T02:21:36", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 699-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nMarch 29th, 2005 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : netkit-telnet-ssl\nVulnerability : buffer overflow\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CAN-2005-0469\n\niDEFENSE researchers discovered a buffer overflow in the handling of\nthe LINEMODE suboptions in telnet clients. This can lead to the\nexecution of arbitrary code when connected to a malicious server.\n\nFor the stable distribution (woody) this problem has been fixed in\nversion 0.17.17+0.1-2woody4.\n\nFor the unstable distribution (sid) this problem will be fixed soon.\n\nWe recommend that you upgrade your telnet-ssl package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/netkit-telnet-ssl_0.17.17+0.1-2woody4.dsc\n Size/MD5 checksum: 669 edcae9a56571c23861cc772d116f6d9b\n http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/netkit-telnet-ssl_0.17.17+0.1-2woody4.diff.gz\n Size/MD5 checksum: 9099 0c6a68a7522269cb7c7f18e08e9f3228\n http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/netkit-telnet-ssl_0.17.17+0.1.orig.tar.gz\n Size/MD5 checksum: 167658 faf2d112bc4d44f522bad3bc73da8d6d\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telnet-ssl_0.17.17+0.1-2woody4_alpha.deb\n Size/MD5 checksum: 101196 46f45337d4a60eb738b077770e3aa2a4\n http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telnetd-ssl_0.17.17+0.1-2woody4_alpha.deb\n Size/MD5 checksum: 57024 b2a33f4b5143da8a36ee78b75850c6c2\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telnet-ssl_0.17.17+0.1-2woody3_arm.deb\n Size/MD5 checksum: 85194 1db7e7432d8025531b869ae5c737014b\n http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telnetd-ssl_0.17.17+0.1-2woody3_arm.deb\n Size/MD5 checksum: 48596 ad29db7a35ad3ee4e3d2c5c411b0edb9\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telnet-ssl_0.17.17+0.1-2woody4_i386.deb\n Size/MD5 checksum: 85608 6b9e94d7acf3274a62a78e98b069060b\n http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telnetd-ssl_0.17.17+0.1-2woody4_i386.deb\n Size/MD5 checksum: 46730 09bf8699c1af6a5f4f9e913d7ef92759\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telnet-ssl_0.17.17+0.1-2woody4_ia64.deb\n Size/MD5 checksum: 123272 d81d94ec52c655bb8496bf126c9077aa\n http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telnetd-ssl_0.17.17+0.1-2woody4_ia64.deb\n Size/MD5 checksum: 66728 e1879d40f611846bb7f787245feb8fee\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telnet-ssl_0.17.17+0.1-2woody4_hppa.deb\n Size/MD5 checksum: 86624 677730710e0adac9cb6cbe1d1cca742b\n http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telnetd-ssl_0.17.17+0.1-2woody4_hppa.deb\n Size/MD5 checksum: 54054 df3349ebb866ada9bc08a3dabf681bcc\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telnet-ssl_0.17.17+0.1-2woody4_m68k.deb\n Size/MD5 checksum: 81534 9007bc1b9ce71d54eda4da588269e39b\n http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telnetd-ssl_0.17.17+0.1-2woody4_m68k.deb\n Size/MD5 checksum: 45494 8bd015cf665ed260e8943aaf9a88d5a9\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telnet-ssl_0.17.17+0.1-2woody4_mips.deb\n Size/MD5 checksum: 97454 ad228bd9d0353478740fde78095b8332\n http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telnetd-ssl_0.17.17+0.1-2woody4_mips.deb\n Size/MD5 checksum: 52346 b22cdea93cc2d406144f7797918ba348\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telnet-ssl_0.17.17+0.1-2woody4_mipsel.deb\n Size/MD5 checksum: 97292 fe280b5296350918ef3f99bd86c1e3e8\n http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telnetd-ssl_0.17.17+0.1-2woody4_mipsel.deb\n Size/MD5 checksum: 52334 816d5bce2968f676d3261a1d3e9e5e21\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telnet-ssl_0.17.17+0.1-2woody4_powerpc.deb\n Size/MD5 checksum: 88238 c0b09580e81ff24c5e04d7ae0e859645\n http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telnetd-ssl_0.17.17+0.1-2woody4_powerpc.deb\n Size/MD5 checksum: 48882 f1ab39899f6b2892cae81b8b4dfb2d16\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telnet-ssl_0.17.17+0.1-2woody4_s390.deb\n Size/MD5 checksum: 88746 b4a754f74fe3bc462488c62a137fa422\n http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telnetd-ssl_0.17.17+0.1-2woody4_s390.deb\n Size/MD5 checksum: 50562 fe91806b369af4ff31030c1079b7b9bd\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telnet-ssl_0.17.17+0.1-2woody4_sparc.deb\n Size/MD5 checksum: 89356 dd5d9462b3b86d40f0f67a9ec86adc57\n http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telnetd-ssl_0.17.17+0.1-2woody4_sparc.deb\n Size/MD5 checksum: 54646 5d694a26621ef73ce5d2c0e6ed9bc887\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2005-03-29T00:00:00", "published": "2005-03-29T00:00:00", "id": "DEBIAN:DSA-699-1:A47C9", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00079.html", "title": "[SECURITY] [DSA 699-1] New netkit-telnet-ssl packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-30T02:22:15", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 697-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nMarch 29th, 2005 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : netkit-telnet\nVulnerability : buffer overflow\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CAN-2005-0469\n\niDEFENSE researchers discovered a buffer overflow in the handling of\nthe LINEMODE suboptions in telnet clients. This can lead to the\nexecution of arbitrary code when connected to a malicious server.\n\nFor the stable distribution (woody) this problem has been fixed in\nversion 0.17-18woody3.\n\nFor the unstable distribution (sid) this problem will be fixed soon.\n\nWe recommend that you upgrade your telnet package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/n/netkit-telnet/netkit-telnet_0.17-18woody3.dsc\n Size/MD5 checksum: 602 2fe6640e0719f7aa44a7815a89a12a41\n http://security.debian.org/pool/updates/main/n/netkit-telnet/netkit-telnet_0.17-18woody3.diff.gz\n Size/MD5 checksum: 22327 943fcd9a5048df83ce6d4f00c5b64853\n http://security.debian.org/pool/updates/main/n/netkit-telnet/netkit-telnet_0.17.orig.tar.gz\n Size/MD5 checksum: 133749 d6beabaaf53fe6e382c42ce3faa05a36\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody3_alpha.deb\n Size/MD5 checksum: 84292 0b84a10dfc8714c16dbbb022f3344616\n http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody3_alpha.deb\n Size/MD5 checksum: 45876 7a1893a937dd23489c45cc31d0e1605b\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody2_arm.deb\n Size/MD5 checksum: 69924 8bb25a534f053a693aa971df0e15d71f\n http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody2_arm.deb\n Size/MD5 checksum: 39618 2cfc8d96f00bb739333adf0659caceb6\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody3_i386.deb\n Size/MD5 checksum: 70736 838259bf5d62e438959162e53aad0fa0\n http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody3_i386.deb\n Size/MD5 checksum: 38616 b70a384a508e0405e91f3790f0668081\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody3_ia64.deb\n Size/MD5 checksum: 102868 70da46fb55cb87eb86e926ffbd9d0bb2\n http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody3_ia64.deb\n Size/MD5 checksum: 52542 8a459f0368d5f861f9bf4ab35ce6a8c3\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody3_hppa.deb\n Size/MD5 checksum: 70048 f14aa30e55f6ea4d40f6c4164d3db8bb\n http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody3_hppa.deb\n Size/MD5 checksum: 43568 11ecc34f1825ceecda70fb89265b688e\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody3_m68k.deb\n Size/MD5 checksum: 67226 572135d4d9d8978bc0a1ea6202f7c1be\n http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody3_m68k.deb\n Size/MD5 checksum: 37524 1c061c7ee5e3879b88eadda2b21eb463\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody3_mips.deb\n Size/MD5 checksum: 80896 7de7f5ad30e0f95a5661b2cfe44f95ab\n http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody3_mips.deb\n Size/MD5 checksum: 42678 a77278475feb6cb0ec3b605a5a904218\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody3_mipsel.deb\n Size/MD5 checksum: 80828 70c559a8b71a8c03350eeccf53f3e25d\n http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody3_mipsel.deb\n Size/MD5 checksum: 42670 51cb8ffb5f3c4b525682e78d7ae1481e\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody3_powerpc.deb\n Size/MD5 checksum: 73288 38517e77c45ed6c66fddb4d817b4829a\n http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody3_powerpc.deb\n Size/MD5 checksum: 40326 9ca930698e43c7bf55865fca839d57e4\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody3_s390.deb\n Size/MD5 checksum: 73250 e2f4333b7dc6bf55dd3c46ed98734499\n http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody3_s390.deb\n Size/MD5 checksum: 41272 7cce38638c1e4a9564369ff5e7e68a69\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0.17-18woody3_sparc.deb\n Size/MD5 checksum: 74240 5a83b9953328c8de75a76682ce30da35\n http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0.17-18woody3_sparc.deb\n Size/MD5 checksum: 45374 167f760979a1eb531461178ed576b82c\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2005-03-29T00:00:00", "published": "2005-03-29T00:00:00", "id": "DEBIAN:DSA-697-1:4A49E", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00077.html", "title": "[SECURITY] [DSA 697-1] New netkit-telnet packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-30T02:21:41", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 765-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nJuly 22nd, 2005 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : heimdal\nVulnerability : buffer overflow\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CAN-2005-0469\nCERT advisory : VU#291924\nDebian Bug : 305574\n\nGa\u00ebl Delalleau discovered a buffer overflow in the handling of the\nLINEMODE suboptions in telnet clients. Heimdal, a free implementation\nof Kerberos 5, also contains such a client. This can lead to the\nexecution of arbitrary code when connected to a malicious server.\n\nFor the old stable distribution (woody) this problem has been fixed in\nversion 0.4e-7.woody.11.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 0.6.3-10.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 0.6.3-10.\n\nWe recommend that you upgrade your heimdal package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e-7.woody.11.dsc\n Size/MD5 checksum: 1065 8fc37ea432a8120da0f370b0b2c9125b\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e-7.woody.11.diff.gz\n Size/MD5 checksum: 1295043 b27c9a952ed6a53698d654b2dbca9b52\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal_0.4e.orig.tar.gz\n Size/MD5 checksum: 2885718 1d27b06ec2f818f5b4ae2b90ca0e9cb8\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-docs_0.4e-7.woody.11_all.deb\n Size/MD5 checksum: 1056336 e6f819c78b38e6c9b854104879a82a76\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-lib_0.4e-7.woody.11_all.deb\n Size/MD5 checksum: 20298 630b472eea6aef8b53ed678ebd6d9676\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 275276 12437fc71585df2debc30260d44881ae\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 61016 e28f3db25cf9fced15d07c9843d0bb7f\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 573726 fcd82b8d22e86f0f67b188e5a182aad9\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 135164 67d1f00e15b893fbd7f1a0009eb9047c\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 181834 7860ca01ee394b8200487356546fe94e\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 39864 f631f57c94a0554e3daa62b6f3029999\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 65534 6b3fa215d70b35e71ec21545d3db48db\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 23892 fc3c8e707764634638083acb5b4b6312\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 43368 269a6e04b6e7db823a237b7af6812eb3\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 41880 0e9ca330caa8ae710f8594d156065e0c\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 33922 2d774846eed21710c9c9cf19e9af2cf8\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 44744 d154ba1ed49d1458ee2707d021d1e8b8\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 31484 d22c13f1da35553ba942274dec958959\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 134054 3261ce8e03209f64748d4e05fcf47bc3\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 65944 5a5aeea7b73b37b3604d9d3d43991881\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 59356 80c67e5e8bba2ffeaad753a6dd5173be\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 28538 700352c1de8dd30a37f95da03d5ad9ce\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_alpha.deb\n Size/MD5 checksum: 29424 91458eb256f4d7b446f8d3899f751193\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 227174 8ab44db32ee205256ca597197eff9427\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 53968 ca664151450031013a9bfb0dd5fb32af\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 441598 25127b23b893ba6515cbb9be7dee0ebd\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 110266 ec3cde13087c74757744ca9bfebe00d5\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 148006 ee02412bfd96d484a147e5e8c06f40ee\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 35538 aa3e74b814fcdb1abb401f11eb8842e1\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 57216 4081aad0b651d131f3424980879bc861\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 23412 03b68670c37f4a4cc8fee59f4023e903\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 38594 7a3315d21fdf7c3854bba5e17bca1e11\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 38298 0f16402f3694c2bb1d4cc4450df540e4\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 31850 3e1bd368481f666f6d7b2ec2dc4ed912\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 40000 024228d74f0a589c73e31688cbb9f3e1\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 29842 9e7ef427e9d3fd277ca8448d3078a2b6\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 112472 3fc814c80adaaace125166bd8cd013d3\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 51960 b48f25ea15d3e65d6444ce5960213d32\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 53414 fdd7b63f63ffea2ef5e4574528419baf\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 28918 a15c818745634dee06c40610b66a92f6\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_arm.deb\n Size/MD5 checksum: 29636 e97a487116f2367299decb51cccc098f\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 219936 7cd4a7ae4c56f3a1a4700fea756b62c3\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 52704 a64eea9e99a5dffeb211167f2edfac7b\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 405344 d5d263dba7f36d95ac5344d750abd1f0\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 109934 37fab8f1c45a897a7a063641133789d5\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 144312 21570cc9e367ab0ccb89a011a56b2177\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 35670 039764b15c3a1e18703cc1fa2773c97e\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 59842 4a1a98a52cbc2d86d4c5adf088bec1e3\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 23304 ad9ed998a1ae50e6dd5368c07ed5db7d\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 38682 5170e1500eba0b17baedc95e6e763063\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 38612 425b8857ddb2105a6d2ec9399eeeef4e\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 32068 6cb760663c089906b9c8cc89c1395f34\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 40062 9f9d04c843ae164bbdf28b7d1a4ede7f\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 29712 a375688e6029d5fae6ae4e3662ed88b1\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 111312 1ea1a0a7b36935fa1d3fbaf508530a94\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 51816 935711339e95322f578622bf3271c4fd\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 51696 223796e010ca4be9e927c438ffa921ac\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 27500 4b5382836ff3c4f1bdcff2a30e7a97ba\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_i386.deb\n Size/MD5 checksum: 28222 d4ea500c49786252fbb522d32fb78ee3\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 335082 762bb44529ac965fafe57a153375f8cf\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 69096 cf9fd237439d89479af7e813447c7ad5\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 613424 efacfc44d5d6bac9227bc6709e52182c\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 154164 ec762443001df7fe29a3a497ad9c14df\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 210540 d4e2c1c65f0a4f1bc1d20ca1348d3972\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 44222 87a27ba41ffc9ad9d5296ba1133ec8cc\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 82102 a1cabba1e3ab285acc9d0ec414ea5d5c\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 24782 996c48ba78eabc7a24c92eea9abf70bc\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 50174 21abd59f30af1574012e6c75d7f7d7e5\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 48600 b12ccb241bbe65a5acc1009cb41508d8\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 37744 d881400db00426478c525913366d5dcb\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 52210 81a0014eee08020f7f333f2835d089b8\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 35256 49820e0275c2f170d50531d0cf4be224\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 169750 ae2c7d4ccd96a7c495a91bb8272bf872\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 64900 421ce6b03daf43a5ca9769d95c614a34\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 68682 a3b21eb50c8757538bc234e948a3e35a\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 30710 9eb38bbec69e72e52581cd355373ced3\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_ia64.deb\n Size/MD5 checksum: 31932 e2fbc77b172c6eb54c12461333f00ef1\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 256874 140bdfc671e9acd9150a6995b247af34\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 57454 caa48211376a98c67e03d068e6fbeb6f\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 516072 ae166665afe33ad8e24ae155e74e7bce\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 119300 8b7fae0ab762cb2522db9b78d8c0d186\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 162998 c4c23fcc53e97f070b5d528eb163af00\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 37784 dbf2fb481981fe63a558447139c5b7bb\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 69388 fbd6ba202c666b7c8b27686fb309f528\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 23946 96ab72df3ae02e9822a52fa4d0fe08c2\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 42206 50ce55dbed833c43a58c7b5913249754\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 43540 8b1c4044113c1021717ef3c5b79686d6\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 34384 ce7f69712e2af6ec72bbddaaa4a4ed9d\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 45178 2148edf895d480b315fd5236a82af8be\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 32060 966345ea7709602258fefcc66b75c2a3\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 139936 a1917b6ae317b87749a7ea8b6c68cc96\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 70198 5350eedbce161c1c2cd09d780a80e8ae\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 60560 722387dd2747e994d49335669ea93449\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 30790 07abee4e10bd0f2834292aa9aed0351c\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_hppa.deb\n Size/MD5 checksum: 31656 a2601adf14c97c6339e5eece745b61ed\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 211826 b3a51143513404c3a58869ccdc980352\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 52172 05037589546d7bad9cf0fdc47c9b234a\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 399312 bdec29fdaa096cfb4205448ca30debdf\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 105690 104bd645147011b71b3d4250083df27d\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 138286 5f206db56db8e0c610eb17349f6da5be\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 35156 c55f2924284487b4169a9d52f3b79f18\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 55500 b0b11055a2b744a20688eda87678f24c\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 23424 3e66bc4d54685e4cbafc1a53dcb7e4cf\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 38200 296ae362e7a9483e866f959ad4a5832b\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 37984 aa745d6da276a877a415fd66a06128d8\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 31712 9af44dffde45b673760c7991606eb312\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 39850 606e9fe193e34f3ae1ea864e3a9e21bd\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 29436 ba92cf45fc7bfed068cc3de3d63220ee\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 111036 ade91cc8a12d1d5a3e57e4762a68a060\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 68726 77f24b45977cb9e3e729ee64d4e3ec4b\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 49958 4967192c48b8ad8bc1f0c0b244635616\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 27460 883c720bb718cd60dbe9f38c8792c2e0\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_m68k.deb\n Size/MD5 checksum: 28192 88b86afb0a2b04da8785c165402d7727\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 248918 005efbd5408a65d580e0c4d8ed8ed80b\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 55564 4aa128a89c3f5b8dd3529e89e3d27f37\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 505212 d8dda2a0131d90cf29d9e299d28b356b\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 114882 5102fbf99e5f52569a22a2c17748a520\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 160242 cf112ed81fdf868ab6efb07ef93ac2d7\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 37388 6a46e03e6fdbd7e4803ef2fb1370c699\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 58340 086cf69030b957bbe6cd27516f717f29\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 23590 15c7586e6b6cd94e3c3a559e980e5645\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 39534 755f9ee7cd757674e4d569ae01ec9474\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 39014 7199130531d369f8c8bd8178ae66158f\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 32122 8d128559a4e7b55a8309c7ded954ea93\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 40734 cd594016cfb45138345f8d19f824d5b2\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 30376 946da152608b5d49ed90edb152946442\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 120610 42e1d7253a98a12279a61bc3b12bfe10\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 57476 f4e2d9e86dc852068faad25bb8e78ca5\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 53346 974a501c32c765c9063ca0b1bf0100b3\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 28520 fa5ce3789529406ce6c62f6fb24e46b2\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_mips.deb\n Size/MD5 checksum: 29186 8736a50aa2789aaed507714ebd298240\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 248064 8891058ed6fc8826f4bd57d5b8eb26b1\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 55550 559be15f2dc64fffea360f5281660435\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 499388 8c838954ef0b75815fc8eedb3fc7559f\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 114840 5d87f1b1d7dddf6d4087730b810d3d5d\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 160350 cae061acf36faa4acc76abf8640051f8\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 37308 b14e3b3f5c4ef1c9bb0615a9c2dace69\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 57946 acc5e0cee40880946eb211fb6d395f2c\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 23590 4b376e0c25d261f8eaa64e8a8bbd3d8c\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 39220 5c6c245272b4b80fadd56f2248f7861e\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 38712 e57c37dc5afcb2d09d684b759ac33f77\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 32044 dc3622de31025834023b1c2e68ef3246\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 40354 9ffa12ee944c9def479add6f18db7dc1\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 30352 69ea54f0432371140f802ac1a2e6f1ff\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 119520 307afbe2f26e9db953abb82c7d305799\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 52682 07759311f573f201c3187808f0955b54\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 53410 4033254bfa0482ec101e9de313ba5bfd\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 28588 71be890e75aa25f27cac29437ba3b4cb\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_mipsel.deb\n Size/MD5 checksum: 29268 8260428b6857d0b2bf127f47d8082f66\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 228262 a5c5faca2967096b1a364c13740d32df\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 53894 552c568c50d62e54a5e96daa2bb87c1c\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 466526 a50ed6bb5e236c8d6db8243734803ea0\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 110132 4c947ba0c94cef3629eaa0f7eac8c2a1\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 149254 722d7ced6894cefd14f68e446af458db\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 36230 dfbe16f671521b1515c9c8c9265a5342\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 57226 cfea58fb03d07ed85d674df21f1c7e7e\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 23580 7d63a22a980a14030126cfa322243ffc\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 39364 f6e7d32e6da45f8d5893e1d681eb9788\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 38630 1a815e315e9650a39f9c685fa8861846\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 31794 b54c265e1578e0f40cc7a683d6b8c742\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 40104 7dd0775da038d1b34428efd6bffa4b6c\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 30246 a7a5c8635a3c1c9b508e8af3dd05d44f\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 118918 2f21bb221eef3fb8ab9caa3006dae794\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 69400 7d1bb7b9e83a7ed9cf53cb5d385e9447\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 53826 fe4212f691d675bf1f682d17329c6c5e\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 28744 0012158f14e5fff7ec9988e2d7939cf6\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_powerpc.deb\n Size/MD5 checksum: 29560 58921e138af421a9ea48d7a35b728f01\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 235020 45fae34704d01f03b5e0dd716bf91e90\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 55710 9cd974e488c7bc3a8430d01fe5dd6ad0\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 433342 d6affed884050cffe8776f79ed749897\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 116002 7d68b959b4d7897179273c0d795c4a21\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 153824 6de2ef670834b0b22cde0888637d81a6\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 36982 fc870d47a3a23441cb83452904bed977\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 58358 ccf0873fd87a468e71c2d2745fcc0284\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 23664 6229dd41d0719f3a8b5fbafa81221584\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 41084 ed1f1756f66cfa655b04e77c02308fa3\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 39846 edc6789b94dc803b6e59efb287151162\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 33028 f74bb90f54953af275deadb3a09beedc\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 41900 81aa709bde50ea906d512637db5412df\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 30394 4055618b16374db57fcbe27264e35f61\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 125432 4e1b2fd68cdb66d210b5860870654a81\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 69554 606b376355b9392208cbba9cd43d6e0a\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 54608 a2f3303e3a1bb49e47ed0f68673509b2\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 28688 2df7664e3ff5a1173c62575184c674e8\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_s390.deb\n Size/MD5 checksum: 29510 6b28d5ca95a5e09b74989bc1f6f81c14\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 227226 513f1a6c24c6b815470078cc0e2ee72e\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 54026 52d920d2cfcf8e208e3a04afc2983751\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 430544 7819784bedbc84d394ca11ed42c2c9e4\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 107728 c694c5e1d66d5985aaf2bf4eda793ba0\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 151578 07eb106e95368b5dec91521907398d1d\n http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 35636 1eab2cc36c7adc947b5e2fa70800e9b8\n http://security.debian.org/pool/updates/main/h/heimdal/libasn1-5-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 54854 eb29480cce8645f5bb72f2f2694b2f26\n http://security.debian.org/pool/updates/main/h/heimdal/libcomerr1-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 26260 9ddcdbc49b997c4dc903a651e3007877\n http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 39100 cf636dca0a94f193f46bcf88db439672\n http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 38004 28e82ffa12af5c90df707e686ef29906\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 31738 c70af19b2e2f73f1359208f0f8ce59b6\n http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 39884 cb269f527e83ae03a9b2db051a487fa8\n http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 29702 925140a648da199ef7338bf415f605db\n http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 112400 5c9329c597ca1448ed158e30b4f7895a\n http://security.debian.org/pool/updates/main/h/heimdal/libotp0-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 58340 473a1c45ba02d9c84bb786ee116a46bd\n http://security.debian.org/pool/updates/main/h/heimdal/libroken9-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 55444 0272fc78d38e0c1d3dd7176e412504e2\n http://security.debian.org/pool/updates/main/h/heimdal/libsl0-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 28256 a33d2dbf32502d3f3caf3917e82c5ffe\n http://security.debian.org/pool/updates/main/h/heimdal/libss0-heimdal_0.4e-7.woody.11_sparc.deb\n Size/MD5 checksum: 28954 28a7aed2ab84250549c5e64ac987e00c\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2005-07-27T00:00:00", "published": "2005-07-27T00:00:00", "id": "DEBIAN:DSA-765-1:8D31C", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00153.html", "title": "[SECURITY] [DSA 765-1] New heimdal packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-30T02:22:33", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 703-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nApril 1st, 2005 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : krb5\nVulnerability : buffer overflows\nProblem-Type : remote\nDebian-specific: no\nCVE IDs : CAN-2005-0468 CAN-2005-0469\nCERT advisories: VU#341908 VU#291924\n\nSeveral problems have been discovered in telnet clients that could be\nexploited by malicious daemons the client connects to. The Common\nVulnerabilities and Exposures project identifies the following\nproblems:\n\nCAN-2005-0468\n\n Ga\u00ebl Delalleau discovered a buffer overflow in the env_opt_add()\n function that allow a remote attacker to execute arbitrary code.\n\nCAN-2005-0469\n\n Ga\u00ebl Delalleau discovered a buffer overflow in the handling of the\n LINEMODE suboptions in telnet clients. This can lead to the\n execution of arbitrary code when connected to a malicious server.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 1.2.4-5woody8.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 1.3.6-1.\n\nWe recommend that you upgrade your krb5 package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody8.dsc\n Size/MD5 checksum: 750 51c3ea6dcf74a9d82bef016509870c3d\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody8.diff.gz\n Size/MD5 checksum: 83173 97d5ce1eeec763cc67d56b0758891a0f\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4.orig.tar.gz\n Size/MD5 checksum: 5443051 663add9b5942be74a86fa860a3fa4167\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.2.4-5woody8_all.deb\n Size/MD5 checksum: 512968 88dea0dcf727a6fe03457485e6c98ea4\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 253798 4124ad89c3d6698ae5ce09cc0a810e77\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 217536 02bdd8e928ce65cfc415de890106cde7\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 63072 9aa2b092cc3d4729f6d309160b27117c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 252162 0f2b0638347b34b07ab919c05b7a404a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 76452 4eab68ade26bdd00dc733183f673cf7e\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 59106 4c00e1ad73ba0be9631ed3b20846cf31\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 207478 f94b1e493f4a35a9244ab0a71f714f61\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 83948 b4870cfb49811f9e9bfc182004d6e72a\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 633440 f794455df495082bd8c40b2f0a6e0f22\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 367446 248fced4d354d47649deaa0c5d349354\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 197342 11591d7d943ee2d38f0117b53ec59026\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 160678 f4118cf6266830f7db9553329dcc1532\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 48830 dc4986db69fc9fa3aacd9487a1a57004\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 198672 6e11c792134a4d9bd602a7461895c42c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 63738 01cee2e685f3bc973f7cce7e5ec08f56\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 49406 03755be7fa950f05c099aff6dc847e7d\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 166018 b8000d9c82076d7134aacf28a3ae7a98\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 73626 3070b54d29b8174b78886e37bc25c112\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 493632 b74a2e03c250019f25ff58387792d666\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 295230 bd4ccc64814aeebd0071b68dc964080d\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 179362 e38dffa6b1e44da9c05ab5569283141b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 152348 eb2d37aca6f5aeb2ecd3dc7a66b351fc\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 46370 dda52cc0f381955716025f4f3f210630\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 178578 3d9e28bc8bbd83161cd8c9781db99e76\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 61358 846936ed49d43dddf11c8239e7ecb74f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 46652 4b12ff1ef17b81aadec2cf27c249b263\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 156624 2a626d8694742a825242085d83efb40f\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 72022 678e924f12886c54cb3ca9bdee6a8da4\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 433960 9a90e0a4c79b81f2d00945fb7bdf84da\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 293706 be17bc6de25438a34466e7a47c5e4a0f\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 322390 bd8deae9fe5e2fd0d0e304d93c676c95\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 266614 fa5fedbcc5ce19cf0fd6e0f019988aaa\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 73742 3b21c0fd054d80e979808c47bef49b15\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 322348 b893958f43de292d927b49cd9dda434b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 92050 2c1a3cf4ae7311dc95a696bf919148e9\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 70700 38b66040685eb5421abcb92cdcb682df\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 256278 5440c691dcc69e168105b60a4433332d\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 107650 0b12f0212a2e8ee31654a605e7b74219\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 705942 9dc21d18876a435f5ecbae3c1fa90fac\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 475034 072e1682115dd9c556d2eca5c65780af\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 214666 50a69b51ec610a919c00e13dad97c237\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 189950 ed974a7360091fe4ea8a5dee5f310a93\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 54064 87d03aa246e3a8bed874ea20aab5c90c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 214092 fdb3544036609131e218f1293d59ab62\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 68802 6476e62e8872de28da85a6d7ff6a91a8\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 55892 ae903fa8671838a64061748b150503ae\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 183066 bde3354927006d85aed74b4ce67f379b\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 85122 160ea9c72f59ee814853092ba414f37e\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 558094 4b5f91e312a31a075cf0ee5f5abb28f4\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 362152 bf33b679c8e3023f1baa81dedc1c9e32\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 164376 695f5090f6f02ef5ffcdb94994923d1d\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 144904 f03b67ac31422c20cd2024a7f530f077\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 44522 7bb04f7623ecb06934e615790364744e\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 164106 460978cf8ba185277681491f91269bd3\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 57054 8bcee8e9061c204cc1d53f310603f647\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 44838 c57524e8c13e8f007451617b6c99374f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 146184 ef14d19fd5d0d4bb4a4ee88287e556cd\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 70032 1bccace886d6c662ab3b10b0cfaa29d9\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 409054 be8e8f2a4573bb15ec6024f00a1c4087\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 277330 c78d56b08e2e4c37bc7d9d1aae9272f6\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 206742 9881404c18f586f88b60322f6ac46e11\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 191334 637743e42bdcbd990a8a8eaec03f04e6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 53510 c194be0f6dedfbaa82f3f7f51bbafe48\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 209794 7ad1a3ae1a623910446a89d44f4d7c0a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 66606 0921f3d4930ad9501eba05cb48c86093\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 55072 22603859834a0c66169b9c6b3438296b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 175416 edcbd96200fec2b725a64df310856287\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 72292 afa180a53f462b42ada57f4183e481b2\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 541350 be00fa435c03a2474310c03b3aadb3d0\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 308518 db69345f0ad3df1e0b3b70310ffa6ed6\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 210850 d7831efe581155af02fbf4cd4b298577\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 190990 facf8459bd0684335304e2a9af7b8ec1\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 53694 cbae172d0491dd9f259b31f502d3f0ef\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 213350 9b2e3742c660d42556e790503cfa73c2\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 66918 cf9b408405283ea6cda2dc7d79dc5187\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 54936 13d0e562fea89e39cecffe02caa5184f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 177270 6e92b594956acc65452e8c351222fb53\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 72106 54a3fbae7e86134d48ee49befcb00c99\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 540884 a93fd74e3cfce1d61e81dc15adeede7d\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 307184 e725f0ab101cf33b1eb127eb3d18df81\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 188456 1605cd80b08025be71477d33bae41d53\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 164152 0e3d09352a72b78dce03519b297a87c3\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 49372 9289fc6a3d9a4a1e35e55a8f536b2762\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 189546 cee053d38c1f38de08966f6957ed914a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 62728 e6f98290ed591d955d5c80eb58d9f6dd\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 49338 bf451f9b226dd16dac16ee9c59d97783\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 162762 2edc9dee6e7672c838626cd391820de9\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 74060 5c6ce5c10f005fa31786354fd60c4616\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 490920 1a5ee5de494c46f5c00598b2ef5dff3d\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 303574 0972361a36370e77050b37e46aeaed66\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 189308 1b5d39163a97cb6ea829810afb1a648c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 166440 0709eaf98f958d5190afbe956a277995\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 50302 f8721e09d7b159a5e16b293a8999d43c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 190628 cd1c66f7eaa63239aee8fbb4a26bed76\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 67096 a191f8826271cfe94a8aef0d8e6aece1\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 50278 b0fccd0d25256f8357e8f32e815bf6f6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 164334 ce022c07d1815b0df8b5f9a46e8c2ed8\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 76638 4aa46656e9c0293fb5e28e56391e77bc\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 453482 b52bf2d4a664c52c350f80c1593ea5c2\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 319656 7b7d0c4b136d99b9dfaf798d4f94d0c9\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 183454 aa907094cbdaac57da2f0eca9b8eb5bd\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 173036 7f173f3267bcab3e66922ea6d40b9108\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 49792 ce46cc950c54a24025647cec765c6e6b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 184358 1ae257a74f7e385a2e4e186a26e86da6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 64400 6429cb02f6d8c3948ef94176ee077c9e\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 49780 dc7690038fd1b4125179157411f96396\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 159528 4c9938799737182f5fd4455f7ba08508\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 73406 83f33192e1d069af16c155136117b331\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 463024 94916989bafb9975e1d973cc0210b1d0\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 301464 ebf61bee3343e02ea2d64066a6713424\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2005-04-01T00:00:00", "published": "2005-04-01T00:00:00", "id": "DEBIAN:DSA-703-1:60FCA", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00083.html", "title": "[SECURITY] [DSA 703-1] New krb5 packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-22T02:25:28", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 731-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nJune 2nd, 2005 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : krb4\nVulnerability : buffer overflows\nProblem-Type : remote\nDebian-specific: no\nCVE IDs : CAN-2005-0468 CAN-2005-0469\nCERT advisories: VU#341908 VU#291924\n\nSeveral problems have been discovered in telnet clients that could be\nexploited by malicious daemons the client connects to. The Common\nVulnerabilities and Exposures project identifies the following\nproblems:\n\nCAN-2005-0468\n\n Ga\u00ebl Delalleau discovered a buffer overflow in the env_opt_add()\n function that allow a remote attacker to execute arbitrary code.\n\nCAN-2005-0469\n\n Ga\u00ebl Delalleau discovered a buffer overflow in the handling of the\n LINEMODE suboptions in telnet clients. This can lead to the\n execution of arbitrary code when connected to a malicious server.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 1.1-8-2.4.\n\nFor the testing distribution (sarge) these problems have been fixed in\nversion 1.2.2-11.2.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 1.2.2-11.2.\n\nWe recommend that you upgrade your krb4 packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/krb4/krb4_1.1-8-2.4.dsc\n Size/MD5 checksum: 1184 6bdded56c97fa8107ef830b988f607e8\n http://security.debian.org/pool/updates/main/k/krb4/krb4_1.1-8-2.4.tar.gz\n Size/MD5 checksum: 1842344 72c2e4f7b2237d402d3bb826958b9cbf\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-docs_1.1-8-2.4_all.deb\n Size/MD5 checksum: 99064 d5181a379088ba2d6fff47daa2706573\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-services_1.1-8-2.4_all.deb\n Size/MD5 checksum: 57774 fdea145b1d29e8eea163e9062750fac2\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-user_1.1-8-2.4_all.deb\n Size/MD5 checksum: 57784 da4abd2e843f2e5498a3540e19fed314\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-x11_1.1-8-2.4_all.deb\n Size/MD5 checksum: 57766 921d105b7d61287fbf04b1ddb05e878e\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth1_1.1-8-2.4_all.deb\n Size/MD5 checksum: 57752 cde4890f731272dedba748c59c5f4714\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.1-8-2.4_alpha.deb\n Size/MD5 checksum: 343628 385d891e20b179630db9bf9396ef77b1\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients-x_1.1-8-2.4_alpha.deb\n Size/MD5 checksum: 95284 8f97fefadadb521ba59b9769e8ed4b4f\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.1-8-2.4_alpha.deb\n Size/MD5 checksum: 190266 aae79a35aae04dfc4488551ab8f499d5\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev-common_1.1-8-2.4_alpha.deb\n Size/MD5 checksum: 176606 5a7833beb565f93423b6c48bc86daf3d\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.1-8-2.4_alpha.deb\n Size/MD5 checksum: 133012 72aea2cc8984a2001f1e9a880f98fbdc\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kip_1.1-8-2.4_alpha.deb\n Size/MD5 checksum: 69828 e4930a1afaab442b515fe6dcc409a41c\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers_1.1-8-2.4_alpha.deb\n Size/MD5 checksum: 255048 c7c459d7ca550084ef0a75231bd299af\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers-x_1.1-8-2.4_alpha.deb\n Size/MD5 checksum: 75540 6f20965b4456e941f305b8904989a407\n http://security.debian.org/pool/updates/main/k/krb4/libacl1-kerberos4kth_1.1-8-2.4_alpha.deb\n Size/MD5 checksum: 64304 ff8db60625d0b44db2c0abb68b83729f\n http://security.debian.org/pool/updates/main/k/krb4/libkadm1-kerberos4kth_1.1-8-2.4_alpha.deb\n Size/MD5 checksum: 69874 a638ec98a6015fa5896da560da20a5ff\n http://security.debian.org/pool/updates/main/k/krb4/libkdb-1-kerberos4kth_1.1-8-2.4_alpha.deb\n Size/MD5 checksum: 68558 c96c16f3c02ea65c82ce6050ca14c2a7\n http://security.debian.org/pool/updates/main/k/krb4/libkrb-1-kerberos4kth_1.1-8-2.4_alpha.deb\n Size/MD5 checksum: 110480 c4a36bcaf819f5902d86d3c57e6a6dd0\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.1-8-2.4_arm.deb\n Size/MD5 checksum: 279920 b36455f050c57063c9f1e32b49c1dc81\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients-x_1.1-8-2.4_arm.deb\n Size/MD5 checksum: 88428 bb65f5be94241d6c2998eb0a145bbfa0\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.1-8-2.4_arm.deb\n Size/MD5 checksum: 164412 942498227ec66edf942ffe8ff97e5808\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev-common_1.1-8-2.4_arm.deb\n Size/MD5 checksum: 149744 b38f69ee0b7637ec8b2d6d396a2d5b1f\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.1-8-2.4_arm.deb\n Size/MD5 checksum: 115090 973d6ed2dd4a4744cc8e723d5f062a30\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kip_1.1-8-2.4_arm.deb\n Size/MD5 checksum: 67992 a7b8e6979f72a62e00fb8ac3864ae998\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers_1.1-8-2.4_arm.deb\n Size/MD5 checksum: 210692 5b4ea01a1eacb95190f03f790b056483\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers-x_1.1-8-2.4_arm.deb\n Size/MD5 checksum: 71664 36485ac26d2bd938523e274d8b80ff0b\n http://security.debian.org/pool/updates/main/k/krb4/libacl1-kerberos4kth_1.1-8-2.4_arm.deb\n Size/MD5 checksum: 65028 78a0bfa44d242db1325a48cad7b105cc\n http://security.debian.org/pool/updates/main/k/krb4/libkadm1-kerberos4kth_1.1-8-2.4_arm.deb\n Size/MD5 checksum: 67232 581df67f27708725e9221e203ff5bfc9\n http://security.debian.org/pool/updates/main/k/krb4/libkdb-1-kerberos4kth_1.1-8-2.4_arm.deb\n Size/MD5 checksum: 66762 0768c6927572eb16500fee8cd3af8002\n http://security.debian.org/pool/updates/main/k/krb4/libkrb-1-kerberos4kth_1.1-8-2.4_arm.deb\n Size/MD5 checksum: 100238 853c6c17ae900efa6973f91183e2e9df\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.1-8-2.4_i386.deb\n Size/MD5 checksum: 272108 10dee071c702df920b9495257a93ff61\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients-x_1.1-8-2.4_i386.deb\n Size/MD5 checksum: 87084 57a158845fa61c3b05c55e43623cdc55\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.1-8-2.4_i386.deb\n Size/MD5 checksum: 158642 b66a77d5d02b86394988c8c978b9debd\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev-common_1.1-8-2.4_i386.deb\n Size/MD5 checksum: 143100 6ffed02175cc521673662010a55c48a1\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.1-8-2.4_i386.deb\n Size/MD5 checksum: 114716 62f56816e19dc2b9511793f2ef9b435d\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kip_1.1-8-2.4_i386.deb\n Size/MD5 checksum: 67790 936feb9747d8b573165733977b2a8d01\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers_1.1-8-2.4_i386.deb\n Size/MD5 checksum: 205748 8997300c132105857298903f02f8bf13\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers-x_1.1-8-2.4_i386.deb\n Size/MD5 checksum: 71776 70ad9d8f4d10f5e5b5bd8ecb67032773\n http://security.debian.org/pool/updates/main/k/krb4/libacl1-kerberos4kth_1.1-8-2.4_i386.deb\n Size/MD5 checksum: 63482 3195fbf3dfd0b4c1743193225bd9c8ec\n http://security.debian.org/pool/updates/main/k/krb4/libkadm1-kerberos4kth_1.1-8-2.4_i386.deb\n Size/MD5 checksum: 67244 c68dce5b363a95e7933463db11fd2267\n http://security.debian.org/pool/updates/main/k/krb4/libkdb-1-kerberos4kth_1.1-8-2.4_i386.deb\n Size/MD5 checksum: 66598 4c3ec3e5f98f96a57f797616610c4fca\n http://security.debian.org/pool/updates/main/k/krb4/libkrb-1-kerberos4kth_1.1-8-2.4_i386.deb\n Size/MD5 checksum: 99192 70a50c72572ce6218b61da2c0dd09a3e\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.1-8-2.4_ia64.deb\n Size/MD5 checksum: 398268 43b250a185940d6ac1cc4335cbbd14ce\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients-x_1.1-8-2.4_ia64.deb\n Size/MD5 checksum: 102836 5d18cf741757b9eae39dcce5e3962ec2\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.1-8-2.4_ia64.deb\n Size/MD5 checksum: 199410 3343a4f437f9d33ed9bebda1c326f72b\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev-common_1.1-8-2.4_ia64.deb\n Size/MD5 checksum: 183592 668a7a06840dd9c228e8f64eed5c5788\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.1-8-2.4_ia64.deb\n Size/MD5 checksum: 138298 52838f237341a2eab6a7eecb5fcd0496\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kip_1.1-8-2.4_ia64.deb\n Size/MD5 checksum: 71908 11fd865cd3661a4875dc4ea4d562ec2a\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers_1.1-8-2.4_ia64.deb\n Size/MD5 checksum: 291830 5fd2ac4e78cb548dbe8773a9a5da9c34\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers-x_1.1-8-2.4_ia64.deb\n Size/MD5 checksum: 78640 698e1eb66a8ae2cf8feabbfbd7658802\n http://security.debian.org/pool/updates/main/k/krb4/libacl1-kerberos4kth_1.1-8-2.4_ia64.deb\n Size/MD5 checksum: 66322 e20bb0f8243b9caf3c9c7f61e6e2b8ec\n http://security.debian.org/pool/updates/main/k/krb4/libkadm1-kerberos4kth_1.1-8-2.4_ia64.deb\n Size/MD5 checksum: 72076 c12992a64c8b92f1878177b2ce5e890a\n http://security.debian.org/pool/updates/main/k/krb4/libkdb-1-kerberos4kth_1.1-8-2.4_ia64.deb\n Size/MD5 checksum: 70918 46e8152817fa20a2f30295fbe4f91f09\n http://security.debian.org/pool/updates/main/k/krb4/libkrb-1-kerberos4kth_1.1-8-2.4_ia64.deb\n Size/MD5 checksum: 122086 b53c727cc5108441a4145e3495439b35\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.1-8-2.4_hppa.deb\n Size/MD5 checksum: 311738 71b00c42d72d091b992719493997de7e\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients-x_1.1-8-2.4_hppa.deb\n Size/MD5 checksum: 92164 abaa4cc522e36047318997a536fdea44\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.1-8-2.4_hppa.deb\n Size/MD5 checksum: 180700 9b35e3d04c5e36cbf6e90fcb70281342\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev-common_1.1-8-2.4_hppa.deb\n Size/MD5 checksum: 167878 a4834233237bde1bfd2fb96dba8bdcd9\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.1-8-2.4_hppa.deb\n Size/MD5 checksum: 120244 01a5853992258debe90f87458682890d\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kip_1.1-8-2.4_hppa.deb\n Size/MD5 checksum: 69364 ef4e9cbf7b03e073bf7cb6ecd42aaaa9\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers_1.1-8-2.4_hppa.deb\n Size/MD5 checksum: 231080 1c0a2fbc3994f9fb15b3d1a101cf7d14\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers-x_1.1-8-2.4_hppa.deb\n Size/MD5 checksum: 73532 8f534c3312c774bc6bd8beb1c54ec69d\n http://security.debian.org/pool/updates/main/k/krb4/libacl1-kerberos4kth_1.1-8-2.4_hppa.deb\n Size/MD5 checksum: 66488 e60ebb3799435f5d33442ca190172a68\n http://security.debian.org/pool/updates/main/k/krb4/libkadm1-kerberos4kth_1.1-8-2.4_hppa.deb\n Size/MD5 checksum: 68878 0d20475688f4901c954fffcf540e8235\n http://security.debian.org/pool/updates/main/k/krb4/libkdb-1-kerberos4kth_1.1-8-2.4_hppa.deb\n Size/MD5 checksum: 68374 d3d241066bc9bd531ad2404de65d5987\n http://security.debian.org/pool/updates/main/k/krb4/libkrb-1-kerberos4kth_1.1-8-2.4_hppa.deb\n Size/MD5 checksum: 110428 794d58b8be6410cf6d5594f431a07711\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.1-8-2.4_m68k.deb\n Size/MD5 checksum: 262944 81abba94aad783d45ed84f44f7a2e6bf\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients-x_1.1-8-2.4_m68k.deb\n Size/MD5 checksum: 86084 b790e831c8ff77f6fd5e54cc473d6bc0\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.1-8-2.4_m68k.deb\n Size/MD5 checksum: 155526 3062befc48d0b1f958e93cdbe65035ff\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev-common_1.1-8-2.4_m68k.deb\n Size/MD5 checksum: 147140 c002b4fd4d0cd6efe25d07e49f871f02\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.1-8-2.4_m68k.deb\n Size/MD5 checksum: 112848 75998a16d2bf4edca6af48c38bcc1aed\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kip_1.1-8-2.4_m68k.deb\n Size/MD5 checksum: 67514 b1cc103e0d1c1c5d392a08594c0d3e31\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers_1.1-8-2.4_m68k.deb\n Size/MD5 checksum: 198468 2e24ebe415736fdf332d1b2c2db6b464\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers-x_1.1-8-2.4_m68k.deb\n Size/MD5 checksum: 71310 a82e05d6c009555f8d2788ef41fb5d7c\n http://security.debian.org/pool/updates/main/k/krb4/libacl1-kerberos4kth_1.1-8-2.4_m68k.deb\n Size/MD5 checksum: 63398 07f48ce7b80ac08cda10cc2a57b34aaf\n http://security.debian.org/pool/updates/main/k/krb4/libkadm1-kerberos4kth_1.1-8-2.4_m68k.deb\n Size/MD5 checksum: 67258 9052a2a7f470d1f779ab9bde552612c8\n http://security.debian.org/pool/updates/main/k/krb4/libkdb-1-kerberos4kth_1.1-8-2.4_m68k.deb\n Size/MD5 checksum: 66608 e679a6617eed815715b1dd47e5430ca0\n http://security.debian.org/pool/updates/main/k/krb4/libkrb-1-kerberos4kth_1.1-8-2.4_m68k.deb\n Size/MD5 checksum: 99236 349493159779745c909813254b90e7e9\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.1-8-2.4_mips.deb\n Size/MD5 checksum: 304602 e0d472f64a5e3130cc6a20d403941c5e\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients-x_1.1-8-2.4_mips.deb\n Size/MD5 checksum: 90250 7ffd51ee617628af6ff0b7eb90091e66\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.1-8-2.4_mips.deb\n Size/MD5 checksum: 178064 9124e10afec4272b4f4201062c8452eb\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev-common_1.1-8-2.4_mips.deb\n Size/MD5 checksum: 163104 2eb839ecca8cd194be4128f835412b64\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.1-8-2.4_mips.deb\n Size/MD5 checksum: 118420 add9ccbd16e845cd638831070b019c4b\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kip_1.1-8-2.4_mips.deb\n Size/MD5 checksum: 68774 bd74f1da9d070086b823b9d6baf188f4\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers_1.1-8-2.4_mips.deb\n Size/MD5 checksum: 226288 d19bd6224a4d21683413bf77b19c73b5\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers-x_1.1-8-2.4_mips.deb\n Size/MD5 checksum: 73250 9d76edb03f8544b4044110809c4b5d05\n http://security.debian.org/pool/updates/main/k/krb4/libacl1-kerberos4kth_1.1-8-2.4_mips.deb\n Size/MD5 checksum: 64882 60b6f64f2ed498ec9194fc424aef89d9\n http://security.debian.org/pool/updates/main/k/krb4/libkadm1-kerberos4kth_1.1-8-2.4_mips.deb\n Size/MD5 checksum: 67624 fa9a078cc07fe86487f3e1b887d78ae9\n http://security.debian.org/pool/updates/main/k/krb4/libkdb-1-kerberos4kth_1.1-8-2.4_mips.deb\n Size/MD5 checksum: 66918 56f9840d2bc2110079a731e868a08a91\n http://security.debian.org/pool/updates/main/k/krb4/libkrb-1-kerberos4kth_1.1-8-2.4_mips.deb\n Size/MD5 checksum: 102202 a3c52e9cca3b3bccd9ed6bb6ded7e07a\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.1-8-2.4_mipsel.deb\n Size/MD5 checksum: 303732 84d9c7313173a91c70371e33d12c971d\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients-x_1.1-8-2.4_mipsel.deb\n Size/MD5 checksum: 90316 2a973e74a40781b2e05f2dceb11c4bad\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.1-8-2.4_mipsel.deb\n Size/MD5 checksum: 178078 37d00c3747b795629154764d4db28213\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev-common_1.1-8-2.4_mipsel.deb\n Size/MD5 checksum: 158686 ec9e639437ad9c68b6ffc0db2773e051\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.1-8-2.4_mipsel.deb\n Size/MD5 checksum: 118758 fe6efb310ccbcabf13028f5008d218d5\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kip_1.1-8-2.4_mipsel.deb\n Size/MD5 checksum: 68656 a92b7618e49210329f110cabeb93b5bc\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers_1.1-8-2.4_mipsel.deb\n Size/MD5 checksum: 226050 3ebd562fe260e9e8c70f2a02880f6ece\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers-x_1.1-8-2.4_mipsel.deb\n Size/MD5 checksum: 73282 7d4d97299530c714800c6f99050bdc64\n http://security.debian.org/pool/updates/main/k/krb4/libacl1-kerberos4kth_1.1-8-2.4_mipsel.deb\n Size/MD5 checksum: 64932 ad168d3a89f9fd9290242de1e1335fe0\n http://security.debian.org/pool/updates/main/k/krb4/libkadm1-kerberos4kth_1.1-8-2.4_mipsel.deb\n Size/MD5 checksum: 67602 d85a197d8b507e4d4e50acb393fecd07\n http://security.debian.org/pool/updates/main/k/krb4/libkdb-1-kerberos4kth_1.1-8-2.4_mipsel.deb\n Size/MD5 checksum: 66882 45dc7776f1e9f909941a05eee19dbb43\n http://security.debian.org/pool/updates/main/k/krb4/libkrb-1-kerberos4kth_1.1-8-2.4_mipsel.deb\n Size/MD5 checksum: 101912 9ce7246c238d060447332ac9d8584a89\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.1-8-2.4_powerpc.deb\n Size/MD5 checksum: 282010 374baf39fbffb0cc98d7bd4c13688988\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients-x_1.1-8-2.4_powerpc.deb\n Size/MD5 checksum: 88678 c567f1fbb394af02942b23668f52af66\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.1-8-2.4_powerpc.deb\n Size/MD5 checksum: 171132 cb3bfe6b32be2e9c1f5712d1b381d9e0\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev-common_1.1-8-2.4_powerpc.deb\n Size/MD5 checksum: 169994 25ad92567a7e0ace023f7cbdd917dbdd\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.1-8-2.4_powerpc.deb\n Size/MD5 checksum: 115448 c3dd348d1d10470e62eff7364162fc72\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kip_1.1-8-2.4_powerpc.deb\n Size/MD5 checksum: 68326 068509fc76c447a7549f940554e3b3bc\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers_1.1-8-2.4_powerpc.deb\n Size/MD5 checksum: 211518 5964bdb97e3b0b90ca97d9471b4212a3\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers-x_1.1-8-2.4_powerpc.deb\n Size/MD5 checksum: 72268 16c8559a8cae6686753350ea3dd449a0\n http://security.debian.org/pool/updates/main/k/krb4/libacl1-kerberos4kth_1.1-8-2.4_powerpc.deb\n Size/MD5 checksum: 64766 0f0fc03670705067eab1a3bf4e6befc3\n http://security.debian.org/pool/updates/main/k/krb4/libkadm1-kerberos4kth_1.1-8-2.4_powerpc.deb\n Size/MD5 checksum: 67666 44080a82d1037846a397fa00cec92c9c\n http://security.debian.org/pool/updates/main/k/krb4/libkdb-1-kerberos4kth_1.1-8-2.4_powerpc.deb\n Size/MD5 checksum: 66998 620da25542e3c5fe8657b3dc45a4e1aa\n http://security.debian.org/pool/updates/main/k/krb4/libkrb-1-kerberos4kth_1.1-8-2.4_powerpc.deb\n Size/MD5 checksum: 102684 eb922602d3d560c40bcb8b385268a288\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.1-8-2.4_s390.deb\n Size/MD5 checksum: 287378 b40e9e8af76d5dceb55f21bb853f7586\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients-x_1.1-8-2.4_s390.deb\n Size/MD5 checksum: 90396 0536d5f3e46164fb5c998477099975b0\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.1-8-2.4_s390.deb\n Size/MD5 checksum: 162898 ea8dd76318466528e8b021219772343c\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev-common_1.1-8-2.4_s390.deb\n Size/MD5 checksum: 155000 88ac614a6931f767f82b316fe4c258ba\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.1-8-2.4_s390.deb\n Size/MD5 checksum: 117886 a82b53c07c6a73e29fa9279f5a06d78f\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kip_1.1-8-2.4_s390.deb\n Size/MD5 checksum: 68576 19c939cd07039b4b42e56a6356c02b90\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers_1.1-8-2.4_s390.deb\n Size/MD5 checksum: 218086 debdcaa92fd945fcd156b79731f6cfc7\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers-x_1.1-8-2.4_s390.deb\n Size/MD5 checksum: 72894 fbdc7a602f69fdffcb69b5f9398c0365\n http://security.debian.org/pool/updates/main/k/krb4/libacl1-kerberos4kth_1.1-8-2.4_s390.deb\n Size/MD5 checksum: 64046 8610853cae5583efe5fd49982db5bac0\n http://security.debian.org/pool/updates/main/k/krb4/libkadm1-kerberos4kth_1.1-8-2.4_s390.deb\n Size/MD5 checksum: 68116 54e802f210fa9f21c6d12769902b1134\n http://security.debian.org/pool/updates/main/k/krb4/libkdb-1-kerberos4kth_1.1-8-2.4_s390.deb\n Size/MD5 checksum: 67450 90e886b70ad94e702ff640db3fd016d5\n http://security.debian.org/pool/updates/main/k/krb4/libkrb-1-kerberos4kth_1.1-8-2.4_s390.deb\n Size/MD5 checksum: 104424 f06bab5fa74964259bc7104a19bce7a7\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients_1.1-8-2.4_sparc.deb\n Size/MD5 checksum: 294108 b06d895de425511f0abde356af9e163f\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-clients-x_1.1-8-2.4_sparc.deb\n Size/MD5 checksum: 89138 54c80cefac79167c2ef8de7a380e08ce\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev_1.1-8-2.4_sparc.deb\n Size/MD5 checksum: 163624 658704d0ad8418bfeb52ae5708806bf5\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-dev-common_1.1-8-2.4_sparc.deb\n Size/MD5 checksum: 154464 87af698b933adbfaaf72eec45da508a1\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kdc_1.1-8-2.4_sparc.deb\n Size/MD5 checksum: 115784 ec720b15cbfbfdb55056190fcc8b494b\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-kip_1.1-8-2.4_sparc.deb\n Size/MD5 checksum: 67984 a3272a6ce028be872f411d5befd13941\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers_1.1-8-2.4_sparc.deb\n Size/MD5 checksum: 215084 bd150a94c5369be95e7603d38bfff84b\n http://security.debian.org/pool/updates/main/k/krb4/kerberos4kth-servers-x_1.1-8-2.4_sparc.deb\n Size/MD5 checksum: 71862 93ab23f2c49bdf289ae2c378592181f6\n http://security.debian.org/pool/updates/main/k/krb4/libacl1-kerberos4kth_1.1-8-2.4_sparc.deb\n Size/MD5 checksum: 64350 50c3ba9fe7ae504fa74b534eb000b276\n http://security.debian.org/pool/updates/main/k/krb4/libkadm1-kerberos4kth_1.1-8-2.4_sparc.deb\n Size/MD5 checksum: 67806 b9591b67e8353a686abc2b66c1ff41ec\n http://security.debian.org/pool/updates/main/k/krb4/libkdb-1-kerberos4kth_1.1-8-2.4_sparc.deb\n Size/MD5 checksum: 66696 51ec19d73f9407189e9f64c29cbb2379\n http://security.debian.org/pool/updates/main/k/krb4/libkrb-1-kerberos4kth_1.1-8-2.4_sparc.deb\n Size/MD5 checksum: 102106 06334ad3db62bb37744cd1bd4df1d3e8\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2005-06-02T00:00:00", "published": "2005-06-02T00:00:00", "id": "DEBIAN:DSA-731-1:76928", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00115.html", "title": "[SECURITY] [DSA 731-1] New krb4 packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2016-09-04T11:52:33", "bulletinFamily": "unix", "description": "Heimdal is a Kerberos 5 implementation from the Royal Institut of Techno- logy in Stockholm. This update fixes two bugs in heimdal. The first one occurs in the rsh daemon and allows an authenticated malicious user to gain ownership of files that belong to other users (CVE-2006-0582). The second bug affects the telnet server and can be used to crash the server before authentication happens. It is even a denial-of-service attack when the telnetd is started via inetd because inetd stops forking the daemon when it forks too fast (CVE-2006-0677).\n#### Solution\nThere is no work-around known.", "modified": "2006-02-24T14:44:34", "published": "2006-02-24T14:44:34", "id": "SUSE-SA:2006:011", "href": "http://lists.opensuse.org/opensuse-security-announce/2006-02/msg00020.html", "type": "suse", "title": "remote denial of service in heimdal", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:17:41", "bulletinFamily": "unix", "description": "Heimdal is a Kerberos 5 implementation from the Royal Institut of Techno- logy in Stockholm. This update fixes two bugs in heimdal. The first one occurs in the rsh daemon and allows an authenticated malicious user to gain ownership of files that belong to other users (CVE-2006-0582). The second bug affects the telnet server and can be used to crash the server before authentication happens. It is even a denial-of-service attack when the telnetd is started via inetd because inetd stops forking the daemon when it forks too fast (CVE-2006-0677).\n#### Solution\nThere is no work-around known.", "modified": "2006-02-24T13:58:32", "published": "2006-02-24T13:58:32", "id": "SUSE-SA:2006:010", "href": "http://lists.opensuse.org/opensuse-security-announce/2006-02/msg00018.html", "title": "remote denial of service in heimdal", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:32:37", "bulletinFamily": "unix", "description": "A remote buffer overflow has been fixed in the heimdal / kerberos telnetd daemon which could lead to a remote user executing code as root by overflowing a buffer.\n#### Solution\nPlease install the updated packages.", "modified": "2005-07-06T15:31:34", "published": "2005-07-06T15:31:34", "id": "SUSE-SA:2005:040", "href": "http://lists.opensuse.org/opensuse-security-announce/2005-07/msg00008.html", "type": "suse", "title": "remote code execution in heimdal", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "ubuntu": [{"lastseen": "2019-12-19T12:33:21", "bulletinFamily": "unix", "description": "A remote Denial of Service vulnerability was discovered in the heimdal implementation of the telnet daemon. A remote attacker could force the server to crash due to a NULL de-reference before the user logged in, resulting in inetd turning telnetd off because it forked too fast.\n\nPlease note that the heimdal-servers package is not officially supported in Ubuntu (it is in the \u2018universe\u2019 component of the archive). However, this affects you if you use a customized version built from the heimdal source package (which is supported).", "modified": "2006-02-18T00:00:00", "published": "2006-02-18T00:00:00", "id": "USN-253-1", "href": "https://usn.ubuntu.com/253-1/", "title": "heimdal vulnerability", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T17:22:23", "bulletinFamily": "unix", "description": "A privilege escalation flaw has been found in the heimdal rsh (remote shell) server. This allowed an authenticated attacker to overwrite arbitrary files and gain ownership of them.\n\nPlease note that the heimdal-servers package is not officially supported in Ubuntu (it is in the \u2018universe\u2019 component of the archive). However, this affects you if you use a customized version built from the heimdal source package (which is supported).", "modified": "2006-02-11T00:00:00", "published": "2006-02-11T00:00:00", "id": "USN-247-1", "href": "https://usn.ubuntu.com/247-1/", "title": "Heimdal vulnerability", "type": "ubuntu", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T17:23:07", "bulletinFamily": "unix", "description": "A buffer overflow was discovered in the telnet client\u2019s handling of the LINEMODE suboptions. By sending a specially constructed reply containing a large number of SLC (Set Local Character) commands, a remote attacker (i. e. a malicious telnet server) could execute arbitrary commands with the privileges of the user running the telnet client. (CAN-2005-0469)\n\nMichal Zalewski discovered a Denial of Service vulnerability in the telnet server (telnetd). A remote attacker could cause the telnetd process to free an invalid pointer, which caused the server process to crash, leading to a denial of service (inetd will disable the service if telnetd crashed repeatedly), or possibly the execution of arbitrary code with the privileges of the telnetd process (by default, the \u2018telnetd\u2019 user). Please note that the telnet server is not officially supported by Ubuntu, it is in the \u201cuniverse\u201d component. (CAN-2004-0911)", "modified": "2005-03-29T00:00:00", "published": "2005-03-29T00:00:00", "id": "USN-101-1", "href": "https://usn.ubuntu.com/101-1/", "title": "telnet vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T17:23:08", "bulletinFamily": "unix", "description": "Ga\ufffdl Delalleau discovered a buffer overflow in the env_opt_add() function of the Kerberos 4 and 5 telnet clients. By sending specially crafted replies, a malicious telnet server could exploit this to execute arbitrary code with the privileges of the user running the telnet client. (CVE-2005-0468)\n\nGa\ufffdl Delalleau discovered a buffer overflow in the handling of the LINEMODE suboptions in the telnet clients of Kerberos 4 and 5. By sending a specially constructed reply containing a large number of SLC (Set Local Character) commands, a remote attacker (i. e. a malicious telnet server) could execute arbitrary commands with the privileges of the user running the telnet client. (CVE-2005-0469)\n\nDaniel Wachdorf discovered two remote vulnerabilities in the Key Distribution Center of Kerberos 5 (krb5-kdc). By sending certain TCP connection requests, a remote attacker could trigger a double-freeing of memory, which led to memory corruption and a crash of the KDC server. (CVE-2005-1174). Under rare circumstances the same type of TCP connection requests could also trigger a buffer overflow that could be exploited to run arbitrary code with the privileges of the KDC server. (CVE-2005-1175)\n\nMagnus Hagander discovered that the krb5_recvauth() function attempted to free previously freed memory in some situations. A remote attacker could possibly exploit this to run arbitrary code with the privileges of the program that called this function. Most imporantly, this affects the following daemons: kpropd (from the krb5-kdc package), klogind, and kshd (both from the krb5-rsh-server package). (CVE-2005-1689)\n\nPlease note that these packages are not officially supported by Ubuntu (they are in the \u2018universe\u2019 component of the archive).", "modified": "2005-12-06T00:00:00", "published": "2005-12-06T00:00:00", "id": "USN-224-1", "href": "https://usn.ubuntu.com/224-1/", "title": "Kerberos vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:13", "bulletinFamily": "software", "description": "## Solution Description\nUpgrade to version 0.6.5, 0.7 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## References:\n[Vendor Specific Advisory URL](http://www.debian.org/security/2005/dsa-758)\nSecurity Tracker: 1014244\n[Secunia Advisory ID:15965](https://secuniaresearch.flexerasoftware.com/advisories/15965/)\n[Secunia Advisory ID:15718](https://secuniaresearch.flexerasoftware.com/advisories/15718/)\n[Secunia Advisory ID:15858](https://secuniaresearch.flexerasoftware.com/advisories/15858/)\n[Secunia Advisory ID:16413](https://secuniaresearch.flexerasoftware.com/advisories/16413/)\nOther Advisory URL: http://www.debian.org/security/2005/dsa-773\nOther Advisory URL: http://www.pdc.kth.se/heimdal/advisory/2005-06-20/\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200506-24.xml\nOther Advisory URL: http://lists.suse.com/archive/suse-security-announce/2005-Jul/0002.html\n[CVE-2005-2040](https://vulners.com/cve/CVE-2005-2040)\n", "modified": "2005-06-20T08:39:12", "published": "2005-06-20T08:39:12", "href": "https://vulners.com/osvdb/OSVDB:17449", "id": "OSVDB:17449", "title": "Heimdal telnetd getterminaltype Function Overflow", "type": "osvdb", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-04-28T13:20:20", "bulletinFamily": "software", "description": "## Solution Description\nUpgrade to version 0.7.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## References:\n[Vendor Specific Advisory URL](http://www.ubuntu.com/usn/usn-253-1)\n[Vendor Specific Advisory URL](http://lists.suse.de/archive/suse-security-announce/2006-Feb/0009.html)\n[Vendor Specific Advisory URL](http://www.debian.org/security/2006/dsa-977)\n[Secunia Advisory ID:18961](https://secuniaresearch.flexerasoftware.com/advisories/18961/)\n[Secunia Advisory ID:18894](https://secuniaresearch.flexerasoftware.com/advisories/18894/)\n[Secunia Advisory ID:19005](https://secuniaresearch.flexerasoftware.com/advisories/19005/)\nMail List Post: http://archives.neohapsis.com/archives/apps/freshmeat/2007-01/0013.html\nMail List Post: http://www.stacken.kth.se/lists/heimdal-discuss/2006-02/msg00028.html\n[CVE-2006-0677](https://vulners.com/cve/CVE-2006-0677)\n", "modified": "2006-02-06T09:35:58", "published": "2006-02-06T09:35:58", "href": "https://vulners.com/osvdb/OSVDB:23244", "id": "OSVDB:23244", "title": "Heimdal telnetd Unspecified Remote DoS", "type": "osvdb", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-04-28T13:20:19", "bulletinFamily": "software", "description": "## Solution Description\nUpgrade to version 0.6.6, 0.7.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## References:\n[Vendor Specific Advisory URL](http://lists.suse.de/archive/suse-security-announce/2006-Feb/0009.html)\n[Vendor Specific Advisory URL](http://www.debian.org/security/2006/dsa-977)\nSecurity Tracker: 1015591\n[Secunia Advisory ID:18733](https://secuniaresearch.flexerasoftware.com/advisories/18733/)\n[Secunia Advisory ID:18806](https://secuniaresearch.flexerasoftware.com/advisories/18806/)\n[Secunia Advisory ID:19302](https://secuniaresearch.flexerasoftware.com/advisories/19302/)\n[Secunia Advisory ID:18894](https://secuniaresearch.flexerasoftware.com/advisories/18894/)\n[Secunia Advisory ID:19005](https://secuniaresearch.flexerasoftware.com/advisories/19005/)\nOther Advisory URL: http://www.ubuntu.com/usn/usn-247-1\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200603-14.xml\nOther Advisory URL: http://www.pdc.kth.se/heimdal/advisory/2006-02-06/\n[CVE-2006-0582](https://vulners.com/cve/CVE-2006-0582)\n", "modified": "2006-02-06T03:47:52", "published": "2006-02-06T03:47:52", "href": "https://vulners.com/osvdb/OSVDB:22986", "id": "OSVDB:22986", "title": "Heimdal rshd Server Forwarded Credential Overwrite Privilege Escalation", "type": "osvdb", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-04-28T13:20:11", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\n[Vendor Specific Advisory URL](http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1)\n[Vendor Specific Advisory URL](http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2005-001-telnet.txt)\n[Vendor Specific Advisory URL](http://tech.f5.com/home/bigip/solutions/advisories/sol4441.html)\n[Vendor Specific Advisory URL](http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1)\n[Vendor Specific Advisory URL](http://support.avaya.com/elmodocs2/security/ASA-2005-156.pdf)\n[Vendor Specific Advisory URL](http://www.trustix.org/errata/2005/0028/)\n[Vendor Specific Advisory URL](http://support.avaya.com/elmodocs2/security/ASA-2005-132_RHSA-2005-327.pdf)\nSecurity Tracker: 1013575\n[Secunia Advisory ID:17389](https://secuniaresearch.flexerasoftware.com/advisories/17389/)\n[Secunia Advisory ID:14745](https://secuniaresearch.flexerasoftware.com/advisories/14745/)\n[Secunia Advisory ID:17899](https://secuniaresearch.flexerasoftware.com/advisories/17899/)\n[Secunia Advisory ID:16171](https://secuniaresearch.flexerasoftware.com/advisories/16171/)\n[Secunia Advisory ID:16293](https://secuniaresearch.flexerasoftware.com/advisories/16293/)\n[Secunia Advisory ID:16413](https://secuniaresearch.flexerasoftware.com/advisories/16413/)\nRedHat RHSA: RHSA-2005:330\nRedHat RHSA: RHSA-2005:327\nOther Advisory URL: http://www.debian.org/security/2005/dsa-697\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200503-36.xml\nOther Advisory URL: http://www.debian.org/security/2005/dsa-703\nOther Advisory URL: ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.23/SCOSA-2005.23.txt\nOther Advisory URL: http://www.debian.org/security/2005/dsa-699\nOther Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:061\nOther Advisory URL: http://www.pdc.kth.se/heimdal/advisory/2005-04-20/\nOther Advisory URL: http://www.debian.org/security/2005/dsa-773\nOther Advisory URL: http://www.ubuntulinux.org/usn/usn-224-1\nOther Advisory URL: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:01.telnet.asc\nOther Advisory URL: http://www.ubuntulinux.org/support/documentation/usn/usn-101-1\nOther Advisory URL: http://rhn.redhat.com/errata/RHSA-2005-330.html\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200504-04.xml\nOther Advisory URL: ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.21/SCOSA-2005.21.txt\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200504-28.xml\nOther Advisory URL: http://www.novell.com/linux/security/advisories/2005_12_sr.html\nOther Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/20050405-01-P.asc\nOther Advisory URL: http://www.debian.org/security/2005/dsa-731\nOther Advisory URL: http://www.debian.org/security/2005/dsa-765\nOther Advisory URL: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2005-004.txt.asc\nOther Advisory URL: http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities&flashstatus=true\nOther Advisory URL: http://rhn.redhat.com/errata/RHSA-2005-327.html\nOther Advisory URL: http://www.openbsd.org/errata.html#telnet\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200504-01.xml\nOther Advisory URL: http://support.avaya.com/elmodocs2/security/ASA-2005-088_RHSA-2005-330.pdf\nOther Advisory URL: http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.425797\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-03/0478.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-03/0500.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-03/0465.html\n[CVE-2005-0469](https://vulners.com/cve/CVE-2005-0469)\nCERT VU: 291924\nBugtraq ID: 12918\n", "modified": "2005-03-28T07:40:47", "published": "2005-03-28T07:40:47", "href": "https://vulners.com/osvdb/OSVDB:15094", "id": "OSVDB:15094", "title": "Multiple Vendor Telnet slc_add_reply Function Remote Overflow", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:18", "bulletinFamily": "unix", "description": "### Background\n\nHeimdal is a free implementation of Kerberos 5 that includes a telnetd server. \n\n### Description\n\nIt has been reported that the \"getterminaltype\" function of Heimdal's telnetd server is vulnerable to buffer overflows. \n\n### Impact\n\nAn attacker could exploit this vulnerability to execute arbitrary code with the permission of the telnetd server program. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll users should upgrade to the latest available version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-crypt/heimdal-0.6.5\"", "modified": "2005-06-29T00:00:00", "published": "2005-06-29T00:00:00", "id": "GLSA-200506-24", "href": "https://security.gentoo.org/glsa/200506-24", "type": "gentoo", "title": "Heimdal: Buffer overflow vulnerabilities", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2016-09-06T19:46:20", "bulletinFamily": "unix", "description": "### Background\n\nnetkit-telnetd provides standard Linux telnet client and server. \n\n### Description\n\nA buffer overflow has been identified in the slc_add_reply() function of netkit-telnetd client, where a large number of SLC commands can overflow a fixed size buffer. \n\n### Impact\n\nSuccessful explotation would require a vulnerable user to connect to an attacker-controlled host using telnet, potentially executing arbitrary code with the permissions of the telnet user. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll netkit-telnetd users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-misc/netkit-telnetd-0.17-r6\"", "modified": "2005-03-31T00:00:00", "published": "2005-03-31T00:00:00", "id": "GLSA-200503-36", "href": "https://security.gentoo.org/glsa/200503-36", "type": "gentoo", "title": "netkit-telnetd: Buffer overflow", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-06T19:46:41", "bulletinFamily": "unix", "description": "### Background\n\nHeimdal is a free implementation of Kerberos 5. \n\n### Description\n\nAn unspecified privilege escalation vulnerability in the rshd server of Heimdal has been reported. \n\n### Impact\n\nAuthenticated users could exploit the vulnerability to escalate privileges or to change the ownership and content of arbitrary files. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Heimdal users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-crypt/heimdal-0.7.2\"", "modified": "2006-03-17T00:00:00", "published": "2006-03-17T00:00:00", "id": "GLSA-200603-14", "href": "https://security.gentoo.org/glsa/200603-14", "type": "gentoo", "title": "Heimdal: rshd privilege escalation", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2016-09-06T19:46:04", "bulletinFamily": "unix", "description": "### Background\n\nHeimdal is a free implementation of Kerberos 5 that includes a telnet client program. \n\n### Description\n\nBuffer overflow vulnerabilities in the slc_add_reply() and env_opt_add() functions have been discovered by Gael Delalleau in the telnet client in Heimdal. \n\n### Impact\n\nSuccessful exploitation would require a vulnerable user to connect to an attacker-controlled host using the telnet client, potentially executing arbitrary code with the permissions of the user running the application. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Heimdal users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-crypt/heimdal-0.6.4\"", "modified": "2005-04-28T00:00:00", "published": "2005-04-28T00:00:00", "id": "GLSA-200504-28", "href": "https://security.gentoo.org/glsa/200504-28", "type": "gentoo", "title": "Heimdal: Buffer overflow vulnerabilities", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-06T19:46:37", "bulletinFamily": "unix", "description": "### Background\n\ntelnet-bsd provides a command line telnet client which is used for remote login using the telnet protocol. \n\n### Description\n\nA buffer overflow has been identified in the env_opt_add() function of telnet-bsd, where a response requiring excessive escaping can cause a heap-based buffer overflow. Another issue has been identified in the slc_add_reply() function, where a large number of SLC commands can overflow a fixed size buffer. \n\n### Impact\n\nSuccessful exploitation would require a vulnerable user to connect to an attacker-controlled host using telnet, potentially executing arbitrary code with the permissions of the telnet user. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll telnet-bsd users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-misc/telnet-bsd-1.0-r1\"", "modified": "2005-04-01T00:00:00", "published": "2005-04-01T00:00:00", "id": "GLSA-200504-01", "href": "https://security.gentoo.org/glsa/200504-01", "type": "gentoo", "title": "telnet-bsd: Multiple buffer overflows", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-06T19:47:01", "bulletinFamily": "unix", "description": "### Background\n\nThe MIT Kerberos 5 implementation provides a command line telnet client which is used for remote login via the telnet protocol. \n\n### Description\n\nA buffer overflow has been identified in the env_opt_add() function, where a response requiring excessive escaping can cause a heap-based buffer overflow. Another issue has been identified in the slc_add_reply() function, where a large number of SLC commands can overflow a fixed size buffer. \n\n### Impact\n\nSuccessful exploitation would require a vulnerable user to connect to an attacker-controlled telnet host, potentially executing arbitrary code with the permissions of the telnet user on the client. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll mit-krb5 users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-crypt/mit-krb5-1.3.6-r2\"", "modified": "2005-04-06T00:00:00", "published": "2005-04-06T00:00:00", "id": "GLSA-200504-04", "href": "https://security.gentoo.org/glsa/200504-04", "type": "gentoo", "title": "mit-krb5: Multiple buffer overflows in telnet client", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "cert": [{"lastseen": "2019-10-09T19:52:05", "bulletinFamily": "info", "description": "### Overview \n\nMultiple Telnet clients contain a data length validation flaw which may allow a server to induce arbitrary code execution on the client host.\n\n### Description \n\nThe Telnet network protocol is described in RFC854 and RFC855 as a general, bi-directional communications facility. The Telnet protocol is commonly used for command line login sessions between Internet hosts.\n\nMany Telnet client implementations may be vulnerable to a flaw which may allow arbitrary code to be executed on the connected client. The Telnet server may supply a specially crafted reply containing a larger number of RFC1184 LINEMODE \"Set Local Character\" (SLC) suboption commands, which are not checked for proper length before being stored into a fixed length buffer. Affected Telnet clients possibly include the BSD Telnet implementation and the MIT Kerberos distribution. \n \nThe Telnet LINEMODE mode is enabled by default in a majority of modern Telnet clients and servers, and is often negotiated automatically before user input is required. Therefore, an attacker may be able to launch a vulnerable client, for example, through commands embedded in web pages such as an IFRAME with a \"telnet:\" URL, and exploit this flaw requiring only minimal or no user interaction. \n \n--- \n \n### Impact \n\nA remote server may be able to execute arbitrary code under the permissions of the user running the Telnet client on the local host. \n \n--- \n \n### Solution \n\n**Apply an update from your vendor** \nPatches, updates, and fixes are available from multiple vendors. \n \n--- \n \nAs a workaround, the client may explicitly disable the LINEMODE mode before connecting in order to prevent LINEMODE command processing. In addition, as a best practice clients should never connect to unknown servers. \n \n--- \n \n### Vendor Information\n\n291924\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Vendor has issued information\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n__ Affected __ Unknown __ Unaffected \n\n**Javascript is disabled. Click here to view vendors.**\n\n### __ __ Apple Computer, Inc.\n\nNotified: March 28, 2005 Updated: April 01, 2005 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nThis is fixed in Security Update 2005-003, and further information is available from <http://docs.info.apple.com/article.html?artnum=301061>.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ __ Debian Linux\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nDebian is vulnerable for this problem. In our stable distribution the following\n\nversions will correct the problem: \n \n`netkit-telnet stable 0.17-18woody3 ` \n`netkit-telnet-ssl stable 0.17.17+0.1-2woody4`\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ __ F5 Networks, Inc.\n\nNotified: March 28, 2005 Updated: May 02, 2005 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nThe telnet client vulnerabilities are considered local vulnerabilities on BIG-IP 4.x products and will be patched in releases 4.5.13 and 4.6.3. BIG-IP 9.x, FirePass and TrafficShield are not vulnerable.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ __ Mandriva, Inc.\n\nNotified: March 28, 2005 Updated: April 01, 2005 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nMandrakesoft has issued the advisory [MDKSA-2005:061](<http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:061>) to fix the vulnerabilities in our kerberos telnet client packages.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ MiT Kerberos Development Team\n\nUpdated: March 29, 2005 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nMIT Kerberos has issued [MIT krb5 Security Advisory 2005-001](<http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-001-telnet.txt>) in response to this vulnerability.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ __ Red Hat, Inc.\n\nNotified: March 28, 2005 Updated: December 22, 2005 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\n`Updates are available for Red Hat Enterprise Linux 2.1, 3, and 4 to \ncorrect this issue. New telnet and Kerberos packages along with our \nadvisory are available at the URL below and by using the Red Hat Network \n'up2date' tool. \n \n<http://rhn.redhat.com/errata/CAN-2005-0469.html>`\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### __ __ Sun Microsystems, Inc.\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nSun confirms that the telnet(1) vulnerabilities do affect all \ncurrently supported versions of Solaris: \nSolaris 7, 8, 9 and 10 \n \nSun has released a Sun Alert which describes a workaround until patches \nare available at: \n \n<http://sunsolve.sun.com> \nSun Alert #57755 \n \nThe Sun Alert will be updated with the patch information once it becomes \navailable. Sun patches are available from: \n<http://sunsolve.sun.com/securitypatch>\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ __ Microsoft Corporation\n\nNotified: March 28, 2005 Updated: April 01, 2005 \n\n### Status\n\n__ Not Vulnerable\n\n### Vendor Statement\n\nWe have investigated these reports and have determined that there are no Microsoft platforms affected.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ Cray Inc.\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ EMC Corporation\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ Engarde\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ FreeBSD, Inc.\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ Fujitsu\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ HP\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ Hitachi\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ IBM Corporation\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ IBM eServer\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ IBM zSeries\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ Immunix\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ Ingrian Networks, Inc.\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ Juniper Networks, Inc.\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ Mandriva, Inc.\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ MontaVista Software, Inc.\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ NEC Corporation\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ NetBSD\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ Nokia\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ Novell, Inc.\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ OpenBSD\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ Openwall GNU/*/Linux\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ SGI\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ SUSE Linux\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ Sequent Computer Systems, Inc.\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ Sony Corporation\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ The SCO Group (SCO Linux)\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ The SCO Group (SCO Unix)\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ TurboLinux\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ Unisys\n\nNotified: March 28, 2005 Updated: March 29, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\n### __ Wind River Systems, Inc.\n\nNotified: March 28, 2005 Updated: August 08, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23291924 Feedback>).\n\nView all 38 vendors __View less vendors __\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | N/A | N/A \nTemporal | N/A | N/A \nEnvironmental | | N/A \n \n \n\n\n### References \n\n * [http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities](<http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities>)\n * <https://rhn.redhat.com/errata/RHSA-2005-327.html>\n * <http://secunia.com/advisories/14745/>\n * <http://web.mit.edu/kerberos/www/...s/MITKRB5-SA-2005-001-telnet.txt>\n * <http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1>\n * <http://www.auscert.org.au/5134>\n\n### Acknowledgements\n\nThanks to iDEFENSE Labs for reporting this vulnerability.\n\nThis document was written by Ken MacInnis.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2005-0469](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0469>) \n---|--- \n**Severity Metric:****** | 12.60 \n**Date Public:** | 2005-03-28 \n**Date First Published:** | 2005-03-29 \n**Date Last Updated: ** | 2005-12-22 21:22 UTC \n**Document Revision: ** | 29 \n", "modified": "2005-12-22T21:22:00", "published": "2005-03-29T00:00:00", "id": "VU:291924", "href": "https://www.kb.cert.org/vuls/id/291924", "type": "cert", "title": "Multiple Telnet clients fail to properly handle the \"LINEMODE\" SLC suboption", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-10-09T19:52:05", "bulletinFamily": "info", "description": "### Overview \n\nMultiple Telnet clients contain a data length validation flaw that may allow a malicious server to execute arbitrary code on the client host `with privs of client`.\n\n### Description \n\nThe Telnet network protocol is described in RFC854 and RFC855 as a general, bi-directional communications facility. The Telnet protocol is commonly used for command-line login sessions between Internet hosts.\n\nMany Telnet clients are vulnerable to a buffer overflow condition. \n \nThe `env_opt_add()` function of telnet.c contains a 256-byte buffer that may be expanded to 512 bytes if needed. While checks are in place to ensure that the input buffer for this function is within the size allocated, the Telnet protocol may escape characters contained in the input buffer. If the number of characters escaped causes the resulting input to exceed the 512 byte allocated buffer, a heap overflow occurs. \n \nSeveral Telnet clients derived from a variety of lineages are confirmed to be affected. Please review the \"Systems Affected\" section below, or consult with your vendor to determine if you are affected. \n \n--- \n \n### Impact \n\nExploitation of this vulnerability may permit a malicious server to execute arbitrary code with the privileges of the user that invoked the telnet client. An attacker would have to trick a victim into initiating a telnet connection using a vulnerable client. This may be accomplished with an HTML rendered email or web page, using the TELNET:// URI handler, however further user interaction may be required. \n \n--- \n \n### Solution \n\nApply a patch or upgrade as specified by your vendor. \n \n--- \n \n### Vendor Information\n\n341908\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Vendor has issued information\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n__ Affected __ Unknown __ Unaffected \n\n**Javascript is disabled. Click here to view vendors.**\n\n### __ __ Apple Computer Inc.\n\nNotified: March 28, 2005 Updated: April 01, 2005 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nThis is fixed in Security Update 2005-003, and further information is available from <http://docs.info.apple.com/article.html?artnum=301061>\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### __ Conectiva\n\nNotified: March 28, 2005 Updated: June 06, 2005 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nConectiva has released Linux Security Announcement CLA-2005:962 about this issue.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ Debian\n\nUpdated: April 04, 2005 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nWe have confirmed with the vendor that very early versions of Debian shipped a Telnet client vulnerable to this issue. However, more recent and the current builds of Debian are not affected. However note, the Debian krb5 implementation includes a telnet client as well which is vulnerable. This will be fixed with an update. Version 1.2.4-5woody8 has the corrections to both CAN-2005-0468 and CAN-2005-0469.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ __ F5 Networks\n\nNotified: March 28, 2005 Updated: May 03, 2005 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nThe telnet client vulnerabilities are considered local vulnerabilities on BIG-IP 4.x products and will be patched in releases 4.5.13 and 4.6.3. \n\nBIG-IP 9.x, FirePass and TrafficShield are not vulnerable.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ Fedora Project\n\nUpdated: April 04, 2005 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nFedora update notification is available from <https://www.redhat.com/archives/fedora-announce-list/2005-March/msg00088.html>, the notification indicates that patches are available.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ FreeBSD\n\nNotified: March 28, 2005 Updated: March 30, 2005 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nFreeBSD has released FreeBSD-SA-05:01.telnet to address this issue. Please see <ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:01.telnet.asc>.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ Gentoo Linux\n\nUpdated: April 01, 2005 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nGentoo has released <http://www.gentoo.org/security/en/glsa/glsa-200504-01.xml> to address this issue.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ Heimdal\n\nUpdated: April 21, 2005 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nAn advisory has been released for the Heimdal implementation of Kerbos 5 which includes a vulnerable telnet client implementation. The advisory is available at <http://www.pdc.kth.se/heimdal/advisory/2005-04-20/> and indicates the vulnerability is fixed in version 0.6.4 of the product.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ MIT Kerberos Development Team\n\nUpdated: March 30, 2005 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nSee <http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2005-001-telnet.txt>.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ __ MandrakeSoft\n\nNotified: March 28, 2005 Updated: April 07, 2005 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nMandrakesoft has released <http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:061> to address this issue.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ OpenBSD\n\nNotified: March 28, 2005 Updated: April 07, 2005 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nPlease see <http://www.openbsd.org/errata.html> number 014.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ Openwall GNU/*/Linux\n\nNotified: March 28, 2005 Updated: March 30, 2005 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nPlease see <http://www.openwall.com/Owl/CHANGES-current.shtml>.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ __ Red Hat Inc.\n\nNotified: March 28, 2005 Updated: July 28, 2005 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nVendor Statement: Red Hat, Inc\n\nUpdates are available for Red Hat Enterprise Linux 2.1, 3 and 4 to correct this \nissue. New telnet and Kerberos packages along with our advisory are available \nat the URL below and by using the Red Hat Network 'up2date' tool. \n \n<http://rhn.redhat.com/errata/CAN-2005-0468.html>\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nPlease see <http://rhn.redhat.com/errata/RHSA-2005-330.html>.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ SCO Unix\n\nNotified: March 28, 2005 Updated: April 14, 2005 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nSCO has released a security advisory and patches for UnixWare 7.1.4, 7.1.3 and 7.1.1 to address this issue. The advisory can found at:\n\n<ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.21/SCOSA-2005.21.txt>\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ SGI\n\nNotified: March 28, 2005 Updated: April 27, 2005 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nSGI has released Patch 10159 - SGI Advanced Linux Environment 3 Security \nUpdate #33, for more information see:\n\n<ftp://patches.sgi.com/support/free/security/advisories/20050401-01-U.asc> \n \nSGI has released Patch 5892 for IRIX, for more information see: \n<ftp://patches.sgi.com/support/free/security/advisories/20050405-01-P.asc>\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ __ Sun Microsystems Inc.\n\nNotified: March 28, 2005 Updated: April 14, 2005 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nSun is impacted by the telnet(1) vulnerabilities described in CERT Vulnerability Notes VU#291924 and VU#341908. Sun has published two Sun Alerts for these issues which describe the impact, contributing factors, workaround options, and resolution details. \n\nSun Alert 57755 which is available here: \n \n<http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1> \n \nis for the telnet client shipped with Solaris. The second Sun Alert, 57761, is for the Kerberized telnet shipped with the SEAM product and is available here: \n \n<http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1> \n \nThe SEAM Sun Alert is currently unresolved but will be updated with patch details as soon as they are available.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ __ Microsoft Corporation\n\nNotified: March 28, 2005 Updated: April 01, 2005 \n\n### Status\n\n__ Not Vulnerable\n\n### Vendor Statement\n\nWe have investigated these reports and have determined that there are no Microsoft platforms affected.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ Cray Inc.\n\nNotified: March 28, 2005 Updated: March 30, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ EMC Corporation\n\nNotified: March 28, 2005 Updated: March 30, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ Engarde\n\nNotified: March 28, 2005 Updated: March 30, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ Fujitsu\n\nNotified: March 28, 2005 Updated: March 30, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ Hewlett-Packard Company\n\nNotified: March 28, 2005 Updated: March 30, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ Hitachi\n\nNotified: March 28, 2005 Updated: March 30, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ IBM\n\nNotified: March 28, 2005 Updated: March 30, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ IBM eServer\n\nNotified: March 28, 2005 Updated: March 30, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ IBM zSeries\n\nNotified: March 28, 2005 Updated: March 30, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ Immunix\n\nNotified: March 28, 2005 Updated: March 30, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ Ingrian Networks\n\nNotified: March 28, 2005 Updated: March 30, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ Juniper Networks\n\nNotified: March 28, 2005 Updated: March 30, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ MontaVista Software\n\nNotified: March 28, 2005 Updated: March 30, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ NEC Corporation\n\nNotified: March 28, 2005 Updated: March 30, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ NetBSD\n\nNotified: March 28, 2005 Updated: March 30, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ Nokia\n\nNotified: March 28, 2005 Updated: March 30, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ Novell\n\nNotified: March 28, 2005 Updated: March 30, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ SCO Linux\n\nNotified: March 28, 2005 Updated: March 30, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ Sequent\n\nNotified: March 28, 2005 Updated: March 30, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ Sony Corporation\n\nNotified: March 28, 2005 Updated: March 30, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ SuSE Inc.\n\nNotified: March 28, 2005 Updated: March 30, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ TurboLinux\n\nNotified: March 28, 2005 Updated: March 30, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ Unisys\n\nNotified: March 28, 2005 Updated: March 30, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\n### __ WRS\n\nNotified: March 28, 2005 Updated: March 30, 2005 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23341908 Feedback>).\n\nView all 41 vendors __View less vendors __\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | N/A | N/A \nTemporal | N/A | N/A \nEnvironmental | | N/A \n \n \n\n\n### References \n\n * [http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities](<http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities>)\n * <http://secunia.com/advisories/14745/>\n * <http://web.mit.edu/kerberos/www/...s/MITKRB5-SA-2005-001-telnet.txt>\n * <http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1>\n * <http://www.auscert.org.au/5134>\n\n### Acknowledgements\n\nThanks to iDEFENSE Labs for reporting this vulnerability.\n\nThis document was written by Robert Mead and Jason Rafail, and is based on information in iDefense's advisory.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2005-0468](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0468>) \n---|--- \n**Severity Metric:****** | 29.95 \n**Date Public:** | 2005-03-28 \n**Date First Published:** | 2005-04-01 \n**Date Last Updated: ** | 2005-07-28 21:01 UTC \n**Document Revision: ** | 28 \n", "modified": "2005-07-28T21:01:00", "published": "2005-04-01T00:00:00", "id": "VU:341908", "href": "https://www.kb.cert.org/vuls/id/341908", "type": "cert", "title": "Multiple Telnet Clients vulnerable to buffer overflow via the env_opt_add() function in telnet.c", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:12", "bulletinFamily": "software", "description": "Multiple Telnet Client slc_add_reply() Buffer Overflow Vulnerability\r\n\r\niDEFENSE Security Advisory 03.28.05\r\nwww.idefense.com/application/poi/display?id=220&type=vulnerabilities\r\nMarch 28, 2005\r\n\r\nI. BACKGROUND\r\n\r\nThe TELNET protocol allows virtual network terminals to be connected to\r\nover the internet. The initial description of the protocol was given in\r\nRFC854 in May 1983. Since then there have been many extra features added\r\nincluding encryption.\r\n\r\nII. DESCRIPTION\r\n\r\nRemote exploitation of an buffer overflow vulnerability error in \r\nmultiple telnet clients may allow execution of arbitrary commands.\r\n\r\nThe vulnerability specifically exists in the handling of the LINEMODE\r\nsuboptions, in that there is no size check made on the output, which is\r\nstored in a fixed length buffer. By sending a specially constructed\r\nreply containing a large number of SLC (Set Local Character) commands, \r\nit is possible to overflow this buffer with server supplied data.\r\n\r\nIII. ANALYSIS\r\n\r\nSuccessful exploitation would allow a remote attacker to execute \r\narbitrary code in the context of the user which initiated the telnet \r\nprocess. In order to exploit this vulnerability, an attacker would need \r\nto convince the user to connect to their malicious server. It may be \r\npossible to automatically launch the telnet command from a webpage, for \r\nexample:\r\n\r\n<html><body>\r\n<iframe src='telnet://malicious.server/'>\r\n</body>\r\n\r\nOn opening this page the telnet client may be launched and attempt to \r\nconnect to the host 'malicious.server'.\r\n\r\nIV. DETECTION\r\n\r\niDEFENSE has confirmed the existence of the vulnerability in the telnet \r\nclient included in the Kerberos V5 Release 1.3.6 package and the client \r\nincluded in the SUNWtnetc package of Solaris 5.9. It is suspected that \r\nmost BSD based telnet clients are affected by this vulnerability.\r\n\r\nV. WORKAROUND\r\n\r\niDEFENSE is currently unaware of any effective workarounds for this \r\nvulnerability.\r\n\r\nVI. VENDOR RESPONSE\r\n\r\nThe following vendors have provided official responses related to this\r\nvulnerability. Other vendors may be affected but have not provided an\r\nofficial response.\r\n\r\nVulnerable:\r\n\r\n- ALT Linux\r\nAll supported ALT Linux distributions include telnet client derived from\r\nOpenBSD 3.0. The slc_add_reply() buffer overflow vulnerability is\r\npresent in all our telnet clients. Updated packages with fixes for\r\nthese issues will be released on March 28, 2005.\r\nhttp://lists.altlinux.ru/pipermail/security-announce/2005-March/000287.html\r\n\r\n- Apple Computer, Inc.\r\nComponent: Telnet\r\nAvailable for: Mac OS X 10.3.8, Mac OS X Server 10.3.8\r\nThis is fixed in Security Update 2005-003, which is available at\r\nhttp://docs.info.apple.com/article.html?artnum=61798\r\n\r\n- FreeBSD\r\nFreeBSD-SA-05:01.telnet security advisory:\r\nftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:01.telnet.asc\r\n\r\n- MIT (Kerberos)\r\nThis vulnerability is covered in the following upcoming advisory:\r\nMITKRB5-SA-2005-001:\r\n http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-001-telnet.txt\r\npatch against krb5-1.4:\r\n http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt\r\n\r\n- Openwall Project\r\nThe bugs are fixed starting with telnet package version 3.0-owl2.\r\n http://www.openwall.com/Owl/CHANGES-current.shtml\r\n\r\n- Red Hat, Inc.\r\nRed Hat Enterprise Linux ships with telnet and krb5 packages vulnerable\r\nto this issue. New telnet and krb5 packages are now available along\r\nwith our advisory at the URLs below and by using the Red Hat Network\r\n'up2date' tool.\r\n Red Hat Enterprise Linux - telnet\r\n http://rhn.redhat.com/errata/RHSA-2005-330.html\r\n Red Hat Enterprise Linux - krb5\r\n http://rhn.redhat.com/errata/RHSA-2005-327.html\r\n\r\n- Sun Microsystems Inc.\r\nSun confirms that the telnet(1) vulnerabilities do affect all\r\ncurrently supported versions of Solaris:\r\n Solaris 7, 8, 9 and 10\r\nSun has released a Sun Alert which describes a workaround until patches\r\nare available at:\r\n http://sunsolve.sun.com\r\n Sun Alert #57755 \r\nThe Sun Alert will be updated with the patch information once it becomes\r\navailable. Sun patches are available from:\r\n http://sunsolve.sun.com/securitypatch\r\n\r\nNot Vulnerable:\r\n\r\n- CyberSafe Limited\r\nThe CyberSafe TrustBroker products, version 3.0 or later, are not vulnerable.\r\n\r\n- Hewlett-Packard Development Company, L.P.\r\nHP-UX and HP Tru64 UNIX are not vulnerable.\r\n\r\n- InterSoft International, Inc.\r\nInterSoft International, Inc. products NetTerm, SecureNetTerm and\r\nSNetTerm are not affected by the slc_add_reply() buffer overflow\r\nconditions.\r\n\r\nVII. CVE INFORMATION\r\n\r\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\r\nnames CAN-2005-0469 to these issues. This is a candidate for inclusion\r\nin the CVE list (http://cve.mitre.org), which standardizes names for\r\nsecurity problems.\r\n\r\nVIII. DISCLOSURE TIMELINE\r\n\r\n02/18/2005 Initial vendor notification\r\n03/28/2005 Coordinated public disclosure\r\n\r\nIX. CREDIT\r\n\r\nGaël Delalleau credited with this discovery.\r\n\r\nGet paid for vulnerability research\r\nhttp://www.idefense.com/poi/teams/vcp.jsp\r\n\r\nFree tools, research and upcoming events\r\nhttp://labs.idefense.com\r\n\r\nX. LEGAL NOTICES\r\n\r\nCopyright \u00a9 2005 iDEFENSE, Inc.\r\n\r\nPermission is granted for the redistribution of this alert\r\nelectronically. It may not be edited in any way without the express\r\nwritten consent of iDEFENSE. If you wish to reprint the whole or any\r\npart of this alert in any other medium other than electronically, please\r\nemail customerservice@idefense.com for permission.\r\n\r\nDisclaimer: The information in the advisory is believed to be accurate\r\nat the time of publishing based on currently available information. Use\r\nof the information constitutes acceptance for use in an AS IS condition.\r\nThere are no warranties with regard to this information. Neither the\r\nauthor nor the publisher accepts any liability for any direct, indirect,\r\nor consequential loss or damage arising from use of, or reliance on,\r\nthis information.", "modified": "2005-03-31T00:00:00", "published": "2005-03-31T00:00:00", "id": "SECURITYVULNS:DOC:8175", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:8175", "title": "iDEFENSE Security Advisory 03.28.05: Multiple Telnet Client slc_add_reply() Buffer Overflow Vulnerability", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "slackware": [{"lastseen": "2019-05-30T07:37:00", "bulletinFamily": "unix", "description": "New tcpip packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1,\nand -current to fix a security issues with the telnet client. Overflows in\nthe telnet client may lead to the execution of arbitrary code as the telnet\nuser if the user connects to a malicious telnet server.\n\nMore details about this issue may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0468\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469\n\nHere are the details from the Slackware 10.1 ChangeLog:\n\npatches/packages/tcpip-0.17-i486-31b.tgz: Patched two overflows in\n the telnet client that could allow the execution of arbitrary code\n when connected to a malicious telnet server.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0468\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469\n (* Security fix *)\n\nWhere to find the new packages:\n\nUpdated package for Slackware 8.1:\nftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/tcpip-0.17-i386-13b.tgz\n\nUpdated package for Slackware 9.0:\nftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/tcpip-0.17-i386-16b.tgz\n\nUpdated package for Slackware 9.1:\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/tcpip-0.17-i486-24b.tgz\n\nUpdated package for Slackware 10.0:\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/tcpip-0.17-i486-29b.tgz\n\nUpdated package for Slackware 10.1:\nftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/tcpip-0.17-i486-31b.tgz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/tcpip-0.17-i486-33.tgz\n\n\nMD5 signatures:\n\nSlackware 8.1 package:\n87b10fbcc7480a702549b4816417e189 tcpip-0.17-i386-13b.tgz\n\nSlackware 9.0 package:\nf1ecdc9628575e00b12a33fd373deb4b tcpip-0.17-i386-16b.tgz\n\nSlackware 9.1 package:\n53b479b39b124c760e8a394d7a77202e tcpip-0.17-i486-24b.tgz\n\nSlackware 10.0 package:\n27bccd82765b690a1be50a0c380cfae4 tcpip-0.17-i486-29b.tgz\n\nSlackware 10.1 package:\n1372bff0f83f8147ae8adb84c10058ec tcpip-0.17-i486-31b.tgz\n\nSlackware -current package:\n6169015f5860175119d426c0170f040b tcpip-0.17-i486-33.tgz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg tcpip-0.17-i486-33.tgz", "modified": "2005-07-29T21:44:43", "published": "2005-07-29T21:44:43", "id": "SSA-2005-210-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.425797", "title": "telnet client", "type": "slackware", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "f5": [{"lastseen": "2016-09-26T17:23:29", "bulletinFamily": "software", "description": "#### Was this resource helpful in solving your issue?\n\nYes - this resource was helpful \nNo - this resource was not helpful \nI don\u0091t know yet \n\n\nNOTE: Please do not provide personal information.\n\n \n \n\n\n#### Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear: \n", "modified": "2015-02-06T00:00:00", "published": "2005-07-20T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/4000/400/sol4441.html", "id": "SOL4441", "title": "SOL4441 - BSD telnet vulnerabilities CAN-2005-0468 and CAN-2005-0469", "type": "f5", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-02-23T20:33:30", "bulletinFamily": "software", "description": "", "modified": "2018-07-03T23:31:00", "published": "2005-07-21T04:00:00", "id": "F5:K4441", "href": "https://support.f5.com/csp/article/K4441", "title": "BSD telnet vulnerabilities CAN-2005-0468 and CAN-2005-0469", "type": "f5", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:44:37", "bulletinFamily": "unix", "description": "The telnet package provides a command line telnet client. The telnet-server\npackage includes a telnet daemon, telnetd, that supports remote login to\nthe host machine.\n\nTwo buffer overflow flaws were discovered in the way the telnet client\nhandles messages from a server. An attacker may be able to execute\narbitrary code on a victim's machine if the victim can be tricked into\nconnecting to a malicious telnet server. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the names CAN-2005-0468\nand CAN-2005-0469 to these issues.\n\nAdditionally, the following bugs have been fixed in these erratum packages\nfor Red Hat Enterprise Linux 2.1 and Red Hat Enterprise Linux 3:\n\n- telnetd could loop on an error in the child side process\n\n- There was a race condition in telnetd on a wtmp lock on some occasions\n\n- The command line in the process table was sometimes too long and caused\nbad output from the ps command\n\n- The 8-bit binary option was not working\n\nUsers of telnet should upgrade to this updated package, which contains\nbackported patches to correct these issues.\n\nRed Hat would like to thank iDEFENSE for their responsible disclosure of\nthis issue.", "modified": "2019-03-22T23:43:01", "published": "2005-03-28T05:00:00", "id": "RHSA-2005:327", "href": "https://access.redhat.com/errata/RHSA-2005:327", "type": "redhat", "title": "(RHSA-2005:327) telnet security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:45:15", "bulletinFamily": "unix", "description": "Kerberos is a networked authentication system which uses a trusted third\nparty (a KDC) to authenticate clients and servers to each other.\n\nThe krb5-workstation package includes a Kerberos-aware telnet client. \nTwo buffer overflow flaws were discovered in the way the telnet client\nhandles messages from a server. An attacker may be able to execute\narbitrary code on a victim's machine if the victim can be tricked into\nconnecting to a malicious telnet server. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the names CAN-2005-0468 and\nCAN-2005-0469 to these issues.\n\nUsers of krb5 should update to these erratum packages which contain a\nbackported patch to correct this issue.\n\nRed Hat would like to thank iDEFENSE for their responsible disclosure of\nthis issue.", "modified": "2019-03-22T23:42:56", "published": "2005-03-30T05:00:00", "id": "RHSA-2005:330", "href": "https://access.redhat.com/errata/RHSA-2005:330", "type": "redhat", "title": "(RHSA-2005:330) krb5 security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}
