CVE-2005-0469
heimdal - buffer overflow
EPSS 47.8%
Description
Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands.
How to fix CVE-2005-0469
To remediate CVE-2005-0469, upgrade each affected package to the fixed version listed below.
- Debian/heimdal—upgrade to 0.4e-7.woody.11 or later
- Debian/heimdal—upgrade to 0.6.3-10 or later
- Debian/krb5—upgrade to 1.3.6-2 or later
- —upgrade to 0.17-28 or later
- —upgrade to 0.17-18woody3 or later
- —upgrade to 0.17.24+0.1-7.1 or later
- —upgrade to 0.17.17+0.1-2woody4 or later
Is CVE-2005-0469 being exploited?
Moderate — EPSS is 47.8%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (7)
- from 0, < 0.4e-7.woody.11
- from 0, < 0.6.3-10
- from 0, < 1.3.6-2
- from 0, < 0.17-28
- from 0, < 0.17-18woody3
- from 0, < 0.17.24+0.1-7.1
- from 0, < 0.17.17+0.1-2woody4