CVE-2005-0488 Affecting krb5 package, versions <1.8.3+dfsg-4
Threat Intelligence
EPSS
1.11% (85th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-DEBIAN10-KRB5-395911
- published 14 Jun 2005
- disclosed 14 Jun 2005
Introduced: 14 Jun 2005
CVE-2005-0488 Open this link in a new tabHow to fix?
Upgrade Debian:10
krb5
to version 1.8.3+dfsg-4 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream krb5
package and not the krb5
package as distributed by Debian
.
See How to fix?
for Debian:10
relevant fixed versions and status.
Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.
References
- https://security-tracker.debian.org/tracker/CVE-2005-0488
- http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html
- http://www.us-cert.gov/cas/techalerts/TA06-214A.html
- http://www.kb.cert.org/vuls/id/800829
- http://idefense.com/application/poi/display?id=260&type=vulnerabilities
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11373
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1139
- http://securitytracker.com/id?1014203
- http://secunia.com/advisories/17135
- http://secunia.com/advisories/21253
- http://www.securityfocus.com/bid/13940
- http://www.securityfocus.com/bid/19289
- http://www.novell.com/linux/security/advisories/2005_16_sr.html
- http://www.vupen.com/english/advisories/2006/3101
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1
- http://www.redhat.com/support/errata/RHSA-2005-504.html
- http://www.redhat.com/support/errata/RHSA-2005-562.html
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-1
CVSS Scores
version 3.1