EUVD-2000-0879

Malware in sbrugna...

Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands.

...

Debian Security Advisory DSA 765-1 (heimdal)

The remote host is missing an update to heimdal announced via advisory DSA 765-1. Gaël Delalleau discovered a buffer overflow in the handling of the LINEMODE suboptions in telnet clients. Heimdal, a free implementation of Kerberos 5, also contains such a client. This can lead to the execution of...

Debian: Security Advisory (DSA-703-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-731-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 4.10 / 5.04 : krb4, krb5 vulnerabilities (USN-224-1)

Gael Delalleau discovered a buffer overflow in the envoptadd function of the Kerberos 4 and 5 telnet clients. By sending specially crafted replies, a malicious telnet server could exploit this to execute arbitrary code with the privileges of the user running the telnet client. CVE-2005-0468 Gael...

Debian DSA-765-1 : heimdal - buffer overflow

Gael Delalleau discovered a buffer overflow in the handling of the LINEMODE suboptions in telnet clients. Heimdal, a free implementation of Kerberos 5, also contains such a client. This can lead to the execution of arbitrary code when connected to a malicious server. %NASLMINLEVEL 70300 C Tenable...

Fedora Core 4 : krb5-1.4.1-5 (2005-553)

A double-free flaw was found in the krb5recvauth routine which may be triggered by a remote unauthenticated attacker. Fedora Core 4 contains checks within glibc that detect double-free flaws. Therefore, on Fedora Core 4, successful exploitation of this issue can only lead to a denial of service K...

security flaw

Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENVUSERVAR command...

Debian DSA-731-1 : krb4 - buffer overflows

Several problems have been discovered in telnet clients that could be exploited by malicious daemons the client connects to. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-0468 Gael Delalleau discovered a buffer overflow in the envoptadd function...

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure. Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENVUSERVAR...

DEBIAN-CVE-2005-0488

Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENVUSERVAR command...

[SECURITY] [DSA 731-1] New krb4 packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 731-1 [email protected] http://www.debian.org/security/ Martin Schulze June 2nd, 2005 http://www.debian.org/security/faq -...

DSA-731-1 krb4 - buffer overflows

Bulletin has no description...

CVE-2005-0469

Buffer overflow in the slcaddreply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character SLC commands...

CVE-2005-0469

Buffer overflow in the slcaddreply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character SLC commands...

DEBIAN-CVE-2005-0469

Buffer overflow in the slcaddreply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character SLC commands...

CVE-2001-1443

CVE-2001-1443 affects KTH Kerberos IV and Kerberos V (Heimdal) used by Telnet clients. The root cause is that the Telnet connection is not encrypted when the server does not support the requested encryption, enabling a man-in-the-middle to read communications. The NVD entry lists a CVSS v2 base s...

Debian DSA-703-1 : krb5 - buffer overflows

Several problems have been discovered in telnet clients that could be exploited by malicious daemons the client connects to. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-0468 Gael Delalleau discovered a buffer overflow in the envoptadd function...

[SECURITY] [DSA 703-1] New krb5 packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 703-1 [email protected] http://www.debian.org/security/ Martin Schulze April 1st, 2005 http://www.debian.org/security/faq -...