Author: jmm-guest
Date: 2005-04-01 07:22:46 +0000 (Fri, 01 Apr 2005)
New Revision: 712
Modified:
sarge-checks/CAN/list
Log:
krb5 is vulnerable to both telnet issues.
Modified: sarge-checks/CAN/list
==================================================================---
sarge-checks/CAN/list 2005-04-01 07:08:21 UTC (rev 711)
+++ sarge-checks/CAN/list 2005-04-01 07:22:46 UTC (rev 712)
@@ -1738,9 +1738,10 @@
{DSA-699-1 DSA-697-1}
TODO: heimdal contains a BSD derived telnet client as well, check whether
it''s vulnerable
TODO: krb4 contains a BSD derived telnet client as well, check whether
it''s vulnerable
- TODO: krb5 contains a BSD derived telnet client as well, check whether
it''s vulnerable
+ - krb5 (unfixed)
CAN-2005-0468 (Heap-based buffer overflow in the env_opt_add function in
telnet.c for ...)
- TODO: check
+ - krb5 (unfixed)
+ TODO: check heimdal, krb4, netkit-telnet, netkit-telnet, netkit-telnet-ssl
CAN-2005-0467 (Multiple integer overflows in the (1) sftp_pkt_getstring and (2)
...)
- putty 0.57-1
CAN-2005-0466