exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

CVE-2005-0469

Status Candidate

Overview

Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands.

Related Files

Debian Linux Security Advisory 765-1
Posted Jul 28, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 765-1 - A buffer overflow was discovered in the handling of the LINEMODE suboptions in telnet clients. Heimdal, a free implementation of Kerberos 5, also contains such a client. This can lead to the execution of arbitrary code when connected to a malicious server.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2005-0469
SHA-256 | b7baf9fd1de6d686f58aaba35950d80f6e018eae34e768acc7cda018e5fabe46
Gentoo Linux Security Advisory 200504-28
Posted Jun 24, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200504-28 - Buffer overflow vulnerabilities in the slc_add_reply() and env_opt_add() functions have been discovered by Gael Delalleau in the telnet client in Heimdal. Versions less than 0.6.4 are affected.

tags | advisory, overflow, vulnerability
systems | linux, gentoo
advisories | CVE-2005-0468, CVE-2005-0469
SHA-256 | 8f9785ac0de012dcf5e162da16f150a5a3fc8423a3b5bf8c8f0c7332c37b590a
SCOSA-2005.21.txt
Posted Apr 18, 2005
Site sco.com

SCO Security Advisory - Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands.

tags | advisory, remote, overflow, arbitrary, local
systems | bsd
advisories | CVE-2005-0469, CVE-2005-0468
SHA-256 | 47e004e77d661de8734283de6bd87cbb7957bfb833df1fdc601dad8e564ad138
Gentoo Linux Security Advisory 200504-4
Posted Apr 17, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200504-04 - A buffer overflow has been identified in the env_opt_add() function, where a response requiring excessive escaping can cause a heap-based buffer overflow. Another issue has been identified in the slc_add_reply() function, where a large number of SLC commands can overflow a fixed size buffer. Versions less than 1.3.6-r2 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2005-0468, CVE-2005-0469
SHA-256 | f7217e2ad04e61a5c5b3356d23794f6432906bf4faad357820a6f61c4c363c80
dsa-703.txt
Posted Apr 14, 2005
Site debian.org

Debian Security Advisory 703-1 - Several problems have been discovered in telnet clients that could be exploited by malicious daemons the client connects to.

tags | advisory
systems | linux, debian
advisories | CVE-2005-0468, CVE-2005-0469
SHA-256 | 1ac05e13e0e9da51cc975b5afcfe0deb017a7fea3c67f4ae413519a3f368e36d
Gentoo Linux Security Advisory 200504-1
Posted Apr 14, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200504-01 - A buffer overflow has been identified in the env_opt_add() function of telnet-bsd, where a response requiring excessive escaping can cause a heap-based buffer overflow. Another issue has been identified in the slc_add_reply() function, where a large number of SLC commands can overflow a fixed size buffer. Versions less than 1.0-r1 are affected.

tags | advisory, overflow
systems | linux, bsd, gentoo
advisories | CVE-2005-0468, CVE-2005-0469
SHA-256 | 8bcffc55a21a03c699efde904973c6c98e6c6c72680e822371928de3faa85894
Gentoo Linux Security Advisory 200503-36
Posted Apr 14, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200503-36 - A buffer overflow has been identified in the slc_add_reply() function of netkit-telnetd client, where a large number of SLC commands can overflow a fixed size buffer. Versions less than 0.17-r6 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2005-0469
SHA-256 | 1868fcdcf2f0bfbda08529e6d74101e0bc273dab98c9b392c2cfd74dac5431f6
iDEFENSE Security Advisory 2005-03-28.1
Posted Mar 29, 2005
Authored by iDefense Labs, Gael Delalleau | Site idefense.com

iDEFENSE Security Advisory 03.28.05 - Remote exploitation of an buffer overflow vulnerability error in multiple telnet clients may allow execution of arbitrary commands. The vulnerability specifically exists in the handling of the LINEMODE suboptions, in that there is no size check made on the output, which is stored in a fixed length buffer. iDEFENSE has confirmed the existence of the vulnerability in the telnet client included in the Kerberos V5 Release 1.3.6 package and the client included in the SUNWtnetc package of Solaris 5.9. It is suspected that most BSD based telnet clients are affected by this vulnerability.

tags | advisory, remote, overflow, arbitrary
systems | solaris, bsd
advisories | CVE-2005-0469
SHA-256 | 9a3b7b73eb08fc8817b92e7dac30a75b72f3c015d5bbd074dbfb8f930414a6f2
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close