Author: jmm-guest
Date: 2005-04-24 13:49:41 +0000 (Sun, 24 Apr 2005)
New Revision: 902
Modified:
sarge-checks/CAN/list
Log:
Filed bug for krb4 telnet slc_reply buffer overflow.
Modified: sarge-checks/CAN/list
==================================================================---
sarge-checks/CAN/list 2005-04-24 13:27:46 UTC (rev 901)
+++ sarge-checks/CAN/list 2005-04-24 13:49:41 UTC (rev 902)
@@ -2496,13 +2496,13 @@
- wpasupplicant 0.3.8-1
CAN-2005-0469 (Buffer overflow in the slc_add_reply function in various
BSD-based ...)
{DSA-703-1 DSA-699-1 DSA-697-1}
- TODO: krb4 contains a BSD derived telnet client as well, check whether
it''s vulnerable
+ - krb4 (unfixed; bug filed)
- krb5 1.3.6-2
- heimdal (unfixed; bug #305574)
CAN-2005-0468 (Heap-based buffer overflow in the env_opt_add function in
telnet.c for ...)
{DSA-703-1}
- krb5 1.3.6-2
- TODO: check krb4, netkit-telnet, netkit-telnet, netkit-telnet-ssl
+ TODO: check netkit-telnet, netkit-telnet, netkit-telnet-ssl
CAN-2005-0467 (Multiple integer overflows in the (1) sftp_pkt_getstring and (2)
...)
- putty 0.57-1
CAN-2005-0466