krb5-appl: Fixed remote buffer overflow in ktelnetd
This update of krb5 applications fixes two security issues.
CVE-2011-4862: A remote code execution in the kerberized
telnet daemon was fixed. (This only affects the ktelnetd
from the krb5-appl RPM, not the regular telnetd supplied by
SUSE.)
CVE-2011-1526 / MITKRB5-SA-2011-005: Fixed krb5 ftpd
unauthorized file access problems.
-
Submitted by
Adrian Schröter (adrianSuSE)
- Version 5593
Fixed bugs
bnc#738632
VUL-0: CVE-2011-4862: krb5: remote heap based buffer overflow
bnc#698471
VUL-1: krb5 ftpd unauthorized file access
CVE#CVE-2011-4862
Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, and Heimdal 1.5.1 and earlier allows remote attackers to execute arbitrary code via a long encryption key,
