cvs commit: src/contrib/telnet/telnet telnet.c
Jacques Vidrine
nectar at FreeBSD.org
Mon Mar 28 06:45:12 PST 2005
nectar 2005-03-28 14:45:12 UTC
FreeBSD src repository
Modified files:
contrib/telnet/telnet telnet.c
Log:
Correct a pair of buffer overflows in the telnet(1) command:
(CAN-2005-0468) A heap buffer overflow in env_opt_add() and related
functions.
(CAN-2005-0469) A global uninitialized data section buffer overflow in
slc_add_reply() and related functions.
As a result of these vulnerabilities, it may be possible for a malicious
telnet server or active network attacker to cause telnet(1) to execute
arbitrary code with the privileges of the user running it.
Security: CAN-2005-0468, CAN-2005-0469
Security: FreeBSD-SA-05:01.telnet
Security: http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities
Security: http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities
These fixes are based in part on patches
Submitted by: Solar Designer <solar at openwall.com>
Revision  Changes    Path
1.16      +24 -6     src/contrib/telnet/telnet/telnet.c