FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

heimdal -- Multiple vulnerabilities

Affected packages
heimdal < 0.6.6

Details

VuXML ID b62c80c2-b81a-11da-bec5-00123ffe8333
Discovery 2006-02-06
Entry 2006-03-20

A Project heimdal Security Advisory reports:

The telnet client program in Heimdal has buffer overflows in the functions slc_add_reply() and env_opt_add(), which may lead to remote code execution.

The telnetd server program in Heimdal has buffer overflows in the function getterminaltype, which may lead to remote code execution.

The rshd server in Heimdal has a privilege escalation bug when storing forwarded credentials. The code allows a user to overwrite a file with its credential cache, and get ownership of the file.

References

CVE Name CVE-2005-0469
CVE Name CVE-2005-2040
CVE Name CVE-2006-0582
CVE Name CVE-2006-0677
URL http://www.pdc.kth.se/heimdal/advisory/2005-04-20
URL http://www.pdc.kth.se/heimdal/advisory/2005-06-20
URL http://www.pdc.kth.se/heimdal/advisory/2006-02-06