CVE-2005-0469

Publication date 2 May 2005

Last updated 17 July 2025

Ubuntu priority

Description

Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
heimdal	7.04 feisty	Fixed 0.7.1-1ubuntu3
	6.10 edgy	Fixed 0.7.1-1ubuntu3
	6.06 LTS dapper	Fixed 0.7.1-1ubuntu3
krb4	7.04 feisty	Not in release
	6.10 edgy	Fixed 1.2.2-11.3ubuntu4
	6.06 LTS dapper	Fixed 1.2.2-11.3ubuntu4
krb5	7.04 feisty	Fixed 1.4.4-5ubuntu3.3
	6.10 edgy	Fixed 1.4.3-9ubuntu1.5
	6.06 LTS dapper	Fixed 1.4.3-5ubuntu0.6
netkit-telnet	7.04 feisty	Fixed 0.17-32
	6.10 edgy	Fixed 0.17-32
	6.06 LTS dapper	Fixed 0.17-32
netkit-telnet-ssl	7.04 feisty	Fixed 0.17.24+0.1-9
	6.10 edgy	Fixed 0.17.24+0.1-9
	6.06 LTS dapper	Fixed 0.17.24+0.1-9

References

Related Ubuntu Security Notices (USN)

USN-101-1
telnet vulnerabilities
29 March 2005

USN-224-1
Kerberos vulnerabilities
6 December 2005

Other references

https://www.cve.org/CVERecord?id=CVE-2005-0469