CVE-2005-2040

NameCVE-2005-2040
DescriptionMultiple buffer overflows in the getterminaltype function in telnetd for Heimdal before 0.6.5 may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2005-0468 and CVE-2005-0469.
SourceCVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
ReferencesDSA-758-1
NVD severitymedium (attack range: remote)
Debian Bugs315065, 315086
Debian/oldoldstablenot vulnerable.
Debian/oldstablenot vulnerable.
Debian/stablenot vulnerable.
Debian/testingnot vulnerable.
Debian/unstablenot vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
heimdal (PTS)squeeze, squeeze (security)1.4.0~git20100726.dfsg.1-2+squeeze1fixed
wheezy1.6~git20120403+dfsg1-2fixed
jessie1.6~rc2+dfsg-9fixed
stretch, sid1.6~rc2+dfsg-10fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
heimdalsource(unstable)0.6.3-11high315065, 315086
heimdalsourcesarge0.6.3-10sarge1mediumDSA-758-1
heimdalsourcewoody0.4e-7.woody.10mediumDSA-758-1

Search for package or bug name: Reporting problems