Author: jmm-guest Date: 2005-03-31 11:42:03 +0000 (Thu, 31 Mar 2005) New Revision: 699 Modified: sarge-checks/CAN/list Log: Check the Kerberos implementations for the telnet vulnerabilities. Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-03-31 09:50:07 UTC (rev 698) +++ sarge-checks/CAN/list 2005-03-31 11:42:03 UTC (rev 699) @@ -1735,6 +1735,9 @@ CAN-2005-0469 (Buffer overflow in the slc_add_reply function in various BSD-based ...) {DSA-699-1 DSA-697-1} { DSA-697-1} + TODO: heimdal contains a BSD derived telnet client as well, check whether it''s vulnerable + TODO: krb4 contains a BSD derived telnet client as well, check whether it''s vulnerable + TODO: krb5 contains a BSD derived telnet client as well, check whether it''s vulnerable CAN-2005-0468 (Heap-based buffer overflow in the env_opt_add function in telnet.c for ...) TODO: check CAN-2005-0467 (Multiple integer overflows in the (1) sftp_pkt_getstring and (2) ...)
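Review bot: The three added TODO lines for heimdal, krb4 and krb5 sit only under CAN-2005-0469 (slc_add_reply), while the next entry, CAN-2005-0468 (env_opt_add in telnet.c), still carries only the generic "TODO: check". The log message says the Kerberos implementations are to be checked for the telnet vulnerabilities, plural, and both entries describe overflows in the telnet client code, so the same three packages should be listed under CAN-2005-0468 as well, or the log should say that only the slc_add_reply issue is covered. Each TODO could also name the source file or function to look at (slc_add_reply for this entry) so whoever picks it up knows what to grep for in each package. Minor style point: the added lines contain "it''s" with a doubled apostrophe, which should read "it's".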