Vulnerability Details CVE-2005-2040
Multiple buffer overflows in the getterminaltype function in telnetd for Heimdal before 0.6.5 may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2005-0468 and CVE-2005-0469.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.02
EPSS Ranking 82.9%
CVSS Severity
CVSS v2 Score 5.0
References
- http://secunia.com/advisories/15718
- http://www.debian.org/security/2005/dsa-758
- http://www.gentoo.org/security/en/glsa/glsa-200506-24.xml
- http://www.novell.com/linux/security/advisories/2005_40_heimdal.html
- http://www.pdc.kth.se/heimdal/advisory/2005-06-20/
- http://secunia.com/advisories/15718
- http://www.debian.org/security/2005/dsa-758
- http://www.gentoo.org/security/en/glsa/glsa-200506-24.xml
- http://www.novell.com/linux/security/advisories/2005_40_heimdal.html
- http://www.pdc.kth.se/heimdal/advisory/2005-06-20/
Products affected by CVE-2005-2040
-
cpe:2.3:a:telnetd:telnetd:0.3f
-
cpe:2.3:a:telnetd:telnetd:0.4a
-
cpe:2.3:a:telnetd:telnetd:0.4b
-
cpe:2.3:a:telnetd:telnetd:0.4c
-
cpe:2.3:a:telnetd:telnetd:0.4d
-
cpe:2.3:a:telnetd:telnetd:0.4e
-
cpe:2.3:a:telnetd:telnetd:0.5.0
-
cpe:2.3:a:telnetd:telnetd:0.5.1
-
cpe:2.3:a:telnetd:telnetd:0.5.2
-
cpe:2.3:a:telnetd:telnetd:0.5.3
-
cpe:2.3:a:telnetd:telnetd:0.6
-
cpe:2.3:a:telnetd:telnetd:0.6.1
-
cpe:2.3:a:telnetd:telnetd:0.6.2