• info
• discussion
• exploit
• solution
• references

Multiple Vendor Telnet Client Env_opt_add Heap-Based Buffer Overflow Vulnerability

Solution:
Please see the referenced advisories for details on obtaining and applying the appropriate updates.


Heimdal Heimdal 0.6

• Heimdal heimdal-0.6.4.tar.gz
  ftp://ftp.pdc.kth.se/pub/heimdal/src/heimdal-0.6.4.tar.gz

Heimdal Heimdal 0.6.1

• Heimdal heimdal-0.6.4.tar.gz
  ftp://ftp.pdc.kth.se/pub/heimdal/src/heimdal-0.6.4.tar.gz

MIT Kerberos 5 1.3.3

• Fedora krb5-debuginfo-1.3.6-4.i386.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/


• Fedora krb5-debuginfo-1.3.6-4.x86_64.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/


• Fedora krb5-devel-1.3.6-4.i386.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/


• Fedora krb5-devel-1.3.6-4.x86_64.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/


• Fedora krb5-libs-1.3.6-4.i386.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/


• Fedora krb5-libs-1.3.6-4.x86_64.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/


• Fedora krb5-server-1.3.6-4.i386.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/


• Fedora krb5-server-1.3.6-4.x86_64.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/


• Fedora krb5-workstation-1.3.6-4.i386.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/


• Fedora krb5-workstation-1.3.6-4.x86_64.rpm
  RedHat Fedora Core 2
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

MIT Kerberos 5 1.3.6

• Ubuntu krb5-admin-server_1.3.6-1ubuntu0.1_amd64.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-serv er_1.3.6-1ubuntu0.1_amd64.deb


• Ubuntu krb5-admin-server_1.3.6-1ubuntu0.1_powerpc.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-serv er_1.3.6-1ubuntu0.1_powerpc.deb


• Ubuntu krb5-clients_1.3.6-1ubuntu0.1_amd64.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1. 3.6-1ubuntu0.1_amd64.deb


• Ubuntu krb5-clients_1.3.6-1ubuntu0.1_i386.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1. 3.6-1ubuntu0.1_i386.deb


• Ubuntu krb5-clients_1.3.6-1ubuntu0.1_powerpc.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1. 3.6-1ubuntu0.1_powerpc.deb


• Ubuntu krb5-ftpd_1.3.6-1ubuntu0.1_amd64.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.3.6 -1ubuntu0.1_amd64.deb


• Ubuntu krb5-ftpd_1.3.6-1ubuntu0.1_i386.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.3.6 -1ubuntu0.1_i386.deb


• Ubuntu krb5-ftpd_1.3.6-1ubuntu0.1_powerpc.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.3.6 -1ubuntu0.1_powerpc.deb


• Ubuntu krb5-kdc_1.3.6-1ubuntu0.1_amd64.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.3.6- 1ubuntu0.1_amd64.deb


• Ubuntu krb5-kdc_1.3.6-1ubuntu0.1_i386.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.3.6- 1ubuntu0.1_i386.deb


• Ubuntu krb5-kdc_1.3.6-1ubuntu0.1_powerpc.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.3.6- 1ubuntu0.1_powerpc.deb


• Ubuntu krb5-rsh-server_1.3.6-1ubuntu0.1_amd64.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server _1.3.6-1ubuntu0.1_amd64.deb


• Ubuntu krb5-rsh-server_1.3.6-1ubuntu0.1_i386.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server _1.3.6-1ubuntu0.1_i386.deb


• Ubuntu krb5-rsh-server_1.3.6-1ubuntu0.1_powerpc.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server _1.3.6-1ubuntu0.1_powerpc.deb


• Ubuntu krb5-telnetd_1.3.6-1ubuntu0.1_amd64.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1. 3.6-1ubuntu0.1_amd64.deb


• Ubuntu krb5-telnetd_1.3.6-1ubuntu0.1_i386.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1. 3.6-1ubuntu0.1_i386.deb


• Ubuntu krb5-telnetd_1.3.6-1ubuntu0.1_powerpc.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1. 3.6-1ubuntu0.1_powerpc.deb


• Ubuntu krb5-user_1.3.6-1ubuntu0.1_amd64.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.3.6 -1ubuntu0.1_amd64.deb


• Ubuntu krb5-user_1.3.6-1ubuntu0.1_i386.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.3.6 -1ubuntu0.1_i386.deb


• Ubuntu krb5-user_1.3.6-1ubuntu0.1_powerpc.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.3.6 -1ubuntu0.1_powerpc.deb


• Ubuntu libkadm1-kerberos4kth_1.2.2-11.1ubuntu2.1_amd64.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/k/krb4/libkadm1-kerberos4k th_1.2.2-11.1ubuntu2.1_amd64.deb


• Ubuntu libkadm55_1.3.6-1ubuntu0.1_amd64.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.3.6-1ub untu0.1_amd64.deb


• Ubuntu libkadm55_1.3.6-1ubuntu0.1_i386.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.3.6-1ub untu0.1_i386.deb


• Ubuntu libkadm55_1.3.6-1ubuntu0.1_powerpc.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.3.6-1ub untu0.1_powerpc.deb


• Ubuntu libkrb5-dev_1.3.6-1ubuntu0.1_amd64.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.3.6-1 ubuntu0.1_amd64.deb


• Ubuntu libkrb5-dev_1.3.6-1ubuntu0.1_i386.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.3.6-1 ubuntu0.1_i386.deb


• Ubuntu libkrb5-dev_1.3.6-1ubuntu0.1_powerpc.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.3.6-1 ubuntu0.1_powerpc.deb


• Ubuntu libkrb53_1.3.6-1ubuntu0.1_amd64.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.3.6-1ubu ntu0.1_amd64.deb


• Ubuntu libkrb53_1.3.6-1ubuntu0.1_i386.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.3.6-1ubu ntu0.1_i386.deb


• Ubuntu libkrb53_1.3.6-1ubuntu0.1_powerpc.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.3.6-1ubu ntu0.1_powerpc.deb


• Ubuntu libkthacl1-kerberos4kth_1.2.2-11.1ubuntu2.1_i386.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/k/krb4/libkthacl1-kerberos 4kth_1.2.2-11.1ubuntu2.1_i386.deb


• Ubuntu libkthacl1-kerberos4kth_1.2.2-11.1ubuntu2.1_powerpc.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/k/krb4/libkthacl1-kerberos 4kth_1.2.2-11.1ubuntu2.1_powerpc.deb


• Ubuntu kerberos4kth-clients-x_1.2.2-11.1ubuntu2.1_amd64.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb4/kerberos4kth-cl ients-x_1.2.2-11.1ubuntu2.1_amd64.deb


• Ubuntu krb5-admin-server_1.3.6-1ubuntu0.1_amd64.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-serv er_1.3.6-1ubuntu0.1_amd64.deb


• Ubuntu krb5-admin-server_1.3.6-1ubuntu0.1_i386.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-serv er_1.3.6-1ubuntu0.1_i386.deb


• Ubuntu krb5-admin-server_1.3.6-1ubuntu0.1_powerpc.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-admin-serv er_1.3.6-1ubuntu0.1_powerpc.deb


• Ubuntu krb5-clients_1.3.6-1ubuntu0.1_amd64.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1. 3.6-1ubuntu0.1_amd64.deb


• Ubuntu krb5-clients_1.3.6-1ubuntu0.1_i386.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1. 3.6-1ubuntu0.1_i386.deb


• Ubuntu krb5-clients_1.3.6-1ubuntu0.1_powerpc.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-clients_1. 3.6-1ubuntu0.1_powerpc.deb


• Ubuntu krb5-doc_1.3.6-1ubuntu0.1_all.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/k/krb5/krb5-doc_1.3.6-1ubu ntu0.1_all.deb


• Ubuntu krb5-ftpd_1.3.6-1ubuntu0.1_amd64.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.3.6 -1ubuntu0.1_amd64.deb


• Ubuntu krb5-ftpd_1.3.6-1ubuntu0.1_i386.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.3.6 -1ubuntu0.1_i386.deb


• Ubuntu krb5-ftpd_1.3.6-1ubuntu0.1_powerpc.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-ftpd_1.3.6 -1ubuntu0.1_powerpc.deb


• Ubuntu krb5-kdc_1.3.6-1ubuntu0.1_amd64.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.3.6- 1ubuntu0.1_amd64.deb


• Ubuntu krb5-kdc_1.3.6-1ubuntu0.1_i386.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.3.6- 1ubuntu0.1_i386.deb


• Ubuntu krb5-kdc_1.3.6-1ubuntu0.1_powerpc.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-kdc_1.3.6- 1ubuntu0.1_powerpc.deb


• Ubuntu krb5-rsh-server_1.3.6-1ubuntu0.1_amd64.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server _1.3.6-1ubuntu0.1_amd64.deb


• Ubuntu krb5-rsh-server_1.3.6-1ubuntu0.1_i386.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server _1.3.6-1ubuntu0.1_i386.deb


• Ubuntu krb5-rsh-server_1.3.6-1ubuntu0.1_powerpc.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-rsh-server _1.3.6-1ubuntu0.1_powerpc.deb


• Ubuntu krb5-telnetd_1.3.6-1ubuntu0.1_amd64.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1. 3.6-1ubuntu0.1_amd64.deb


• Ubuntu krb5-telnetd_1.3.6-1ubuntu0.1_i386.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1. 3.6-1ubuntu0.1_i386.deb


• Ubuntu krb5-telnetd_1.3.6-1ubuntu0.1_powerpc.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-telnetd_1. 3.6-1ubuntu0.1_powerpc.deb


• Ubuntu krb5-user_1.3.6-1ubuntu0.1_amd64.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.3.6 -1ubuntu0.1_amd64.deb


• Ubuntu krb5-user_1.3.6-1ubuntu0.1_i386.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.3.6 -1ubuntu0.1_i386.deb


• Ubuntu krb5-user_1.3.6-1ubuntu0.1_powerpc.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/universe/k/krb5/krb5-user_1.3.6 -1ubuntu0.1_powerpc.deb


• Ubuntu libkadm1-kerberos4kth_1.2.2-11.1ubuntu2.1_i386.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/k/krb4/libkadm1-kerberos4k th_1.2.2-11.1ubuntu2.1_i386.deb


• Ubuntu libkadm55_1.3.6-1ubuntu0.1_amd64.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.3.6-1ub untu0.1_amd64.deb


• Ubuntu libkadm55_1.3.6-1ubuntu0.1_i386.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.3.6-1ub untu0.1_i386.deb


• Ubuntu libkadm55_1.3.6-1ubuntu0.1_powerpc.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkadm55_1.3.6-1ub untu0.1_powerpc.deb


• Ubuntu libkafs0-kerberos4kth_1.2.2-11.1ubuntu2.1_i386.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/k/krb4/libkafs0-kerberos4k th_1.2.2-11.1ubuntu2.1_i386.deb


• Ubuntu libkrb5-dev_1.3.6-1ubuntu0.1_amd64.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.3.6-1 ubuntu0.1_amd64.deb


• Ubuntu libkrb5-dev_1.3.6-1ubuntu0.1_i386.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.3.6-1 ubuntu0.1_i386.deb


• Ubuntu libkrb5-dev_1.3.6-1ubuntu0.1_powerpc.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb5-dev_1.3.6-1 ubuntu0.1_powerpc.deb


• Ubuntu libkrb53_1.3.6-1ubuntu0.1_amd64.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.3.6-1ubu ntu0.1_amd64.deb


• Ubuntu libkrb53_1.3.6-1ubuntu0.1_i386.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.3.6-1ubu ntu0.1_i386.deb


• Ubuntu libkrb53_1.3.6-1ubuntu0.1_powerpc.deb
  Ubuntu 5.04 (Hoary Hedgehog)
  http://security.ubuntu.com/ubuntu/pool/main/k/krb5/libkrb53_1.3.6-1ubu ntu0.1_powerpc.deb

Apple Mac OS X Server 10.3.8

• Apple SecUpdSrvr2005-003Pan.dmg
  http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=05530&plat form=osx&method=sa/SecUpdSrvr2005-003Pan.dmg

Debian Linux 3.0 mips

• Debian telnet_0.17-18woody3_mips.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0. 17-18woody3_mips.deb


• Debian telnetd_0.17-18woody3_mips.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0 .17-18woody3_mips.deb

Debian Linux 3.0 mipsel

• Debian telnet_0.17-18woody3_mipsel.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/n/netkit-telnet/telnet_0. 17-18woody3_mipsel.deb


• Debian telnetd_0.17-18woody3_mipsel.deb
  Debian GNU/Linux 3.0 alias woody
  http://security.debian.org/pool/updates/main/n/netkit-telnet/telnetd_0 .17-18woody3_mipsel.deb

SCO Unixware 7.1.1

• SCO SCOSA-2005.21
  ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.21

SCO Unixware 7.1.4

• SCO SCOSA-2005.21
  ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.21