krb5-appl-1.0.1-10.AXS4
エラータID: AXSA:2020-4695:01
The krb5-appl packages contain Kerberos-aware versions of telnet, ftp, rsh, and rlogin clients and servers. Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and trusted third-party, the Key Distribution Center (KDC).
Security Fix(es):
* telnet-server: no bounds checks in nextitem() function allows to remotely execute arbitrary code (CVE-2020-10188)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2020-10188
utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions.
Update packages.
utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions.
N/A
SRPMS
- krb5-appl-1.0.1-10.AXS4.src.rpm
MD5: bb27feebfb37b0c3d22256edcb5815da
SHA-256: f36ab959a633e0134dc76785e4c80bad461cca62428de37a23a83c2fbde33d39
Size: 727.46 kB
Asianux Server 4 for x86
- krb5-appl-clients-1.0.1-10.AXS4.i686.rpm
MD5: 9b3cde488833a3db4a420bdc8f708643
SHA-256: c05a7dedd18e1f82897d5794cf4aa4f5033f24768a19067984e8ae3d8474699c
Size: 224.20 kB - krb5-appl-servers-1.0.1-10.AXS4.i686.rpm
MD5: c29791f1da2182122bb038b9c4fbc4d7
SHA-256: d378205d80e9cfc2dc28603d27caf642528a2596555729d60540b2ddb27b6b1e
Size: 200.09 kB
Asianux Server 4 for x86_64
- krb5-appl-clients-1.0.1-10.AXS4.x86_64.rpm
MD5: e15a9a2e2f8c14026011087385db852f
SHA-256: 9c29d0cb1c948cd170e1b73441870140baaf436064dd7ae0180afe5e8de02e86
Size: 228.66 kB - krb5-appl-servers-1.0.1-10.AXS4.x86_64.rpm
MD5: 2c80614c17d8848d05261f89e2170318
SHA-256: 1fe1d15d45faf436241ac06e0082cc6d11127ebec9b05b270333f3f4a5a6049a
Size: 202.49 kB
日本語