|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Heimdal telnet DOS advisory
From: Ed Ravin (eravin
panix.com)
Date: Wed Mar 15 2006 - 14:33:56 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Title: Heimdal TelnetD Denial of Service
Description: Heimdal is a free implementation of the Kerberos 5
network authentication protocol. It contains several Kerberos-enabled
network server applications. The "telnetd" program provides remote
access. It is prone to a remote denial of service vulnerability due to
a design error in the application during the initial connection to
telnetd before authentication. The resulting NULL pointer de-reference
causes telnetd to crash.
Ref: http://www.us.debian.org/security/2006/dsa-977
The fix is in Heimdal 0.6.6, but NetBSD seems to still be using Heimdal 0.6.3.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]