CVE-2011-4862

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2011-4862
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2011-4862.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2011-4862
Related
Published
2011-12-25T01:55:02Z
Modified
2024-06-30T12:01:22Z
Summary
[none]
Details

Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.

References

Affected packages

Debian:11 / heimdal

Package

Name
heimdal
Purl
pkg:deb/debian/heimdal?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.5.dfsg.1-1

Ecosystem specific

{
    "urgency": "high"
}

Debian:12 / heimdal

Package

Name
heimdal
Purl
pkg:deb/debian/heimdal?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.5.dfsg.1-1

Ecosystem specific

{
    "urgency": "high"
}

Debian:13 / heimdal

Package

Name
heimdal
Purl
pkg:deb/debian/heimdal?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.5.dfsg.1-1

Ecosystem specific

{
    "urgency": "high"
}

Debian:11 / inetutils

Package

Name
inetutils
Purl
pkg:deb/debian/inetutils?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:1.8-6

Ecosystem specific

{
    "urgency": "high"
}

Debian:12 / inetutils

Package

Name
inetutils
Purl
pkg:deb/debian/inetutils?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:1.8-6

Ecosystem specific

{
    "urgency": "high"
}

Debian:13 / inetutils

Package

Name
inetutils
Purl
pkg:deb/debian/inetutils?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:1.8-6

Ecosystem specific

{
    "urgency": "high"
}

Debian:11 / krb5

Package

Name
krb5
Purl
pkg:deb/debian/krb5?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8+dfsg~aa+r23527-1

Ecosystem specific

{
    "urgency": "high"
}

Debian:12 / krb5

Package

Name
krb5
Purl
pkg:deb/debian/krb5?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8+dfsg~aa+r23527-1

Ecosystem specific

{
    "urgency": "high"
}

Debian:13 / krb5

Package

Name
krb5
Purl
pkg:deb/debian/krb5?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8+dfsg~aa+r23527-1

Ecosystem specific

{
    "urgency": "high"
}