diff options
| author | nectar <nectar@FreeBSD.org> | 2005-03-28 14:45:12 +0000 |
|---|---|---|
| committer | nectar <nectar@FreeBSD.org> | 2005-03-28 14:45:12 +0000 |
| commit | fc3b18bce3b10b7d9e27cd9e8367fab8a69f3e98 (patch) | |
| tree | 41cf0a68bb1930696282e251e4e439e6a2a9ece9 /contrib/tcsh/sh.func.c | |
| parent | 4084503aa0661ec56a1210075613cb93b1f6e762 (diff) | |
| download | FreeBSD-src-fc3b18bce3b10b7d9e27cd9e8367fab8a69f3e98.zip FreeBSD-src-fc3b18bce3b10b7d9e27cd9e8367fab8a69f3e98.tar.gz | |
Correct a pair of buffer overflows in the telnet(1) command:
(CAN-2005-0468) A heap buffer overflow in env_opt_add() and related
functions.
(CAN-2005-0469) A global uninitialized data section buffer overflow in
slc_add_reply() and related functions.
As a result of these vulnerabilities, it may be possible for a malicious
telnet server or active network attacker to cause telnet(1) to execute
arbitrary code with the privileges of the user running it.
Security: CAN-2005-0468, CAN-2005-0469
Security: FreeBSD-SA-05:01.telnet
Security: http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities
Security: http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities
These fixes are based in part on patches
Submitted by: Solar Designer <solar@openwall.com>
Diffstat (limited to 'contrib/tcsh/sh.func.c')
0 files changed, 0 insertions, 0 deletions
