|Category:||Ubuntu Local Security Checks|
|Title:||Ubuntu USN-253-1 (heimdal)|
|Summary:||Ubuntu USN-253-1 (heimdal)|
The remote host is missing an update to heimdal
announced via advisory USN-253-1.
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)
Ubuntu 5.10 (Breezy Badger)
The following packages are affected: heimdal-servers
A remote Denial of Service vulnerability was discovered in the heimdal
implementation of the telnet daemon. A remote attacker could force the
server to crash due to a NULL de-reference before the user logged in,
resulting in inetd turning telnetd off because it forked too fast.
Please note that the heimdal-servers package is not officially
supported in Ubuntu (it is in the 'universe' component of the
archive). However, this affects you if you use a customized version
built from the heimdal source package (which is supported).
The problem can be corrected by upgrading the affected package to
version 0.6.2-3ubuntu0.3 (for Ubuntu 4.10), 0.6.3-7ubuntu1.3 (for
Ubuntu 5.04), or 0.6.3-11ubuntu1.2 (for Ubuntu 5.10). In general, a
standard system upgrade is sufficient to effect the necessary changes.
Risk factor : High
BugTraq ID: 16676|
Common Vulnerability Exposure (CVE) ID: CVE-2006-0677
Debian Security Information: DSA-977 (Google Search)
SuSE Security Announcement: SUSE-SA:2006:011 (Google Search)
XForce ISS Database: heimdal-telnetd-dos(24763)
|Copyright||Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com|
|This is only one of 40037 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.