CVE-2011-4862
Published: 25 December 2011
Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.
Notes
Author | Note |
---|---|
jdstrand | from DSA: "Kerberos support for telnetd contains a pre-authentication buffer overflow". did not check if this is protected via stack-protector yet |
mdeslaur | all affected code is in universe binaries |
Priority
Status
Package | Release | Status |
---|---|---|
heimdal Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Ignored
(end of life)
|
|
maverick |
Ignored
(end of life)
|
|
natty |
Ignored
(end of life)
|
|
oneiric |
Ignored
(end of life)
|
|
precise |
Not vulnerable
(1.6git20120311.dfsg.1-2)
|
|
quantal |
Ignored
(end of life)
|
|
raring |
Ignored
(end of life)
|
|
saucy |
Ignored
(end of life)
|
|
trusty |
Not vulnerable
(1.6git20120311.dfsg.1-2)
|
|
upstream |
Released
(1.5.2)
|
|
utopic |
Not vulnerable
(1.6git20120311.dfsg.1-2)
|
|
vivid |
Not vulnerable
(1.6git20120311.dfsg.1-2)
|
|
wily |
Not vulnerable
(1.6git20120311.dfsg.1-2)
|
|
xenial |
Not vulnerable
(1.6git20120311.dfsg.1-2)
|
|
yakkety |
Not vulnerable
(1.6git20120311.dfsg.1-2)
|
|
zesty |
Not vulnerable
(1.6git20120311.dfsg.1-2)
|
|
Patches: vendor: http://www.debian.org/security/2011/dsa-2372 |
||
Binaries built from this source package are in Universe and so are supported by the community. | ||
inetutils Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Ignored
(end of life)
|
|
maverick |
Ignored
(end of life)
|
|
natty |
Ignored
(end of life)
|
|
oneiric |
Ignored
(end of life)
|
|
precise |
Not vulnerable
(2:1.8-6)
|
|
quantal |
Ignored
(end of life)
|
|
raring |
Ignored
(end of life)
|
|
saucy |
Ignored
(end of life)
|
|
trusty |
Not vulnerable
(2:1.8-6)
|
|
upstream |
Released
(1.9)
|
|
utopic |
Not vulnerable
(2:1.8-6)
|
|
vivid |
Not vulnerable
(2:1.8-6)
|
|
wily |
Not vulnerable
(2:1.8-6)
|
|
xenial |
Not vulnerable
(2:1.8-6)
|
|
yakkety |
Not vulnerable
(2:1.8-6)
|
|
zesty |
Not vulnerable
(2:1.8-6)
|
|
Patches: vendor: http://www.debian.org/security/2011/dsa-2373 |
||
krb5 Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Not vulnerable
(code not present)
|
|
maverick |
Not vulnerable
(code not present)
|
|
natty |
Not vulnerable
(code not present)
|
|
oneiric |
Not vulnerable
(code not present)
|
|
precise |
Not vulnerable
(code not present)
|
|
quantal |
Not vulnerable
(code not present)
|
|
raring |
Not vulnerable
(code not present)
|
|
saucy |
Not vulnerable
(code not present)
|
|
trusty |
Not vulnerable
(code not present)
|
|
upstream |
Needs triage
|
|
utopic |
Not vulnerable
(code not present)
|
|
vivid |
Not vulnerable
(code not present)
|
|
wily |
Not vulnerable
(code not present)
|
|
xenial |
Not vulnerable
(code not present)
|
|
yakkety |
Not vulnerable
(code not present)
|
|
zesty |
Not vulnerable
(code not present)
|
|
Patches: vendor: http://www.debian.org/security/2011/dsa-2375 |
||
Binaries built from this source package are in Universe and so are supported by the community. | ||
krb5-appl Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Ignored
(end of life)
|
|
maverick |
Ignored
(end of life)
|
|
natty |
Ignored
(end of life)
|
|
oneiric |
Ignored
(end of life)
|
|
precise |
Ignored
(end of life)
|
|
quantal |
Ignored
(end of life)
|
|
raring |
Ignored
(end of life)
|
|
saucy |
Ignored
(end of life)
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
utopic |
Does not exist
|
|
vivid |
Does not exist
|
|
wily |
Does not exist
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
Patches: vendor: http://www.debian.org/security/2011/dsa-2375 |