About Ubuntu

=========================================================== Ubuntu Security Notice USN-253-1 February 17, 2006 heimdal vulnerability CVE-2006-0677 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubuntu 5.04 (Hoary Hedgehog) Ubuntu 5.10 (Breezy Badger) The following packages are affected: heimdal-servers The problem can be corrected by upgrading the affected package to version 0.6.2-3ubuntu0.3 (for Ubuntu 4.10), 0.6.3-7ubuntu1.3 (for Ubuntu 5.04), or 0.6.3-11ubuntu1.2 (for Ubuntu 5.10). In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: A remote Denial of Service vulnerability was discovered in the heimdal implementation of the telnet daemon. A remote attacker could force the server to crash due to a NULL de-reference before the user logged in, resulting in inetd turning telnetd off because it forked too fast. Please note that the heimdal-servers package is not officially supported in Ubuntu (it is in the 'universe' component of the archive). However, this affects you if you use a customized version built from the heimdal source package (which is supported).