heimdal-lib: The Heimdal libraries
----------------------------------------------------------------------
File: heimdal-lib-0.4e-408.i586.rpm
Patchrpm: heimdal-lib-0.4e-408.i586.patch.rpm
Version: 0.4e-408
Size: 282 kB
Patchsize: 181 kB
Date: Fri 01 Apr 2005 21:3:41 CEST
Source: heimdal-0.4e-408.src.rpm
Security: Yes
----------------------------------------------------------------------
Description: This update fixes several vulnerabilities in the telnet client.
CAN-2005-0469:
A buffer overflow in the LINEMODE suboption command SLC can be
exploited by a malicious server to execute arbitrary code on
the client side with the privileges of the user running telnet.
CAN-2005-0468:
Another buffer overflow can be exploited remotely by a malicious
server that sends environment variables to the client. This bug
also results in arbitrary code execution.
Note that this bug can also be exploited when a user clicks on a
URL that uses telnet:// as its protocol and points to a server
controlled by an attacker.