exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

CVE-2011-4862

Status Candidate

Overview

Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.

Related Files

Cisco Ironport WSA telnetd Remote Code Execution
Posted Oct 22, 2014
Authored by Glafkos Charalambous

The Cisco Ironport WSA virtual appliances are vulnerable to an old FreeBSD telnetd encryption Key ID buffer overflow which allows remote attackers to execute arbitrary code. Cisco WSA Virtual appliances have the vulnerable telnetd daemon enabled by default.

tags | advisory, remote, overflow, arbitrary
systems | cisco, freebsd
advisories | CVE-2011-4862
SHA-256 | 1e50defbccefef3b6417c5dae6f4b42e12ae0ee91e5966ab9e31f8406c261827
VMware Security Advisory 2012-0006
Posted Mar 30, 2012
Authored by VMware | Site vmware.com

VMware Security Advisory 2012-0006 - VMware ESXi and ESX address several security issues.

tags | advisory
advisories | CVE-2011-2482, CVE-2011-3191, CVE-2011-4348, CVE-2011-4862, CVE-2012-1515
SHA-256 | c6e864dff9dcf56bf615c9e583291146b0b85366456ccd6d12ad89425be75c54
Gentoo Linux Security Advisory 201202-05
Posted Feb 23, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201202-5 - A boundary error in Heimdal could result in execution of arbitrary code. Versions less than 1.5.1-r1 are affected.

tags | advisory, arbitrary
systems | linux, gentoo
advisories | CVE-2011-4862
SHA-256 | 42de8a2cf7db4d885a1b8457f558eaa5bf8b942213be6c388b6bd72267ca7dfa
Cisco Security Advisory 20120126-ironport
Posted Jan 26, 2012
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco IronPort Email Security Appliances (ESA) and Cisco IronPort Security Management Appliances (SMA) contain a vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code with elevated privileges. Workarounds that mitigate this vulnerability are available.

tags | advisory, remote, arbitrary
systems | cisco
advisories | CVE-2011-4862, CVE-2011-4862
SHA-256 | 4864f4e17fe47b8f6178a603e1cc20bb9f967ec80c223712f14bfa2e367c5c8c
Gentoo Linux Security Advisory 201201-14
Posted Jan 24, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201201-14 - Multiple vulnerabilities have been found in MIT Kerberos 5 Applications, the most severe of which may allow execution of arbitrary code. Versions less than 1.0.2-r1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2011-1526, CVE-2011-4862
SHA-256 | 135efe09c96ca20d9d7663d923e21a56811a5e27a66d4ef706f14ced5d977da9
FreeBSD telnetd Remote Root
Posted Jan 16, 2012
Authored by knull | Site leethack.info

This python script tests for the remote root vulnerability in encryption support for telnetd on FreeBSD systems.

tags | exploit, remote, root, python
systems | freebsd
advisories | CVE-2011-4862
SHA-256 | 4249e9430985117ad8d3275e803d36e641c4beae4c0f6950bde8f0af5b3e100c
FreeBSD based telnetd encrypt_key_id brute force
Posted Jan 11, 2012
Site metasploit.com

This Metasploit module exploits a buffer overflow in the encryption option handler of the FreeBSD telnet service.

tags | exploit, overflow
systems | freebsd
advisories | CVE-2011-4862, OSVDB-78020
SHA-256 | 26a4211c976648be259b01d70ead3c15515210a76cfa2f2e831ab504568547e8
Red Hat Security Advisory 2011-1854-01
Posted Dec 29, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1854-01 - The krb5-appl packages provide Kerberos-aware telnet, ftp, rcp, rsh, and rlogin clients and servers. Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center. A buffer overflow flaw was found in the MIT krb5 telnet daemon. A remote attacker who can access the telnet port of a target machine could use this flaw to execute arbitrary code as root. Note that the krb5 telnet daemon is not enabled by default in any version of Red Hat Enterprise Linux. In addition, the default firewall rules block remote access to the telnet port. This flaw does not affect the telnet daemon distributed in the telnet-server package.

tags | advisory, remote, overflow, arbitrary, root
systems | linux, redhat
advisories | CVE-2011-4862
SHA-256 | 83eeef5fda24f5ac7761e4f57831e666f9cbabd3903c9a02dd52b0a24721586b
Red Hat Security Advisory 2011-1853-01
Posted Dec 29, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1853-01 - Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center. A buffer overflow flaw was found in the MIT krb5 telnet daemon. A remote attacker who can access the telnet port of a target machine could use this flaw to execute arbitrary code as root. Note that the krb5 telnet daemon is not enabled by default in any version of Red Hat Enterprise Linux. In addition, the default firewall rules block remote access to the telnet port. This flaw does not affect the telnet daemon distributed in the telnet-server package.

tags | advisory, remote, overflow, arbitrary, root
systems | linux, redhat
advisories | CVE-2011-4862
SHA-256 | 3769a5da3eca30398718bea8bed258601bbb8e2a1a21a41031c17dcfeb542759
MIT krb5 Security Advisory 2011-008
Posted Dec 28, 2011
Site web.mit.edu

MIT krb5 Security Advisory 2011-008 - The telnet daemon (telnetd) in MIT krb5 (and in krb5-appl after the applications were moved to a separate distribution for krb5-1.8) is vulnerable to a buffer overflow. The flaw does not require authentication to exploit. Exploit code is reported to be actively used in the wild.

tags | advisory, overflow
advisories | CVE-2011-4862
SHA-256 | 94f4852b4ef0d480fd44f6fff8a1a449daff42441b00c788d6970db82695afc2
Mandriva Linux Security Advisory 2011-195
Posted Dec 28, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-195 - A vulnerability has been discovered and corrected in krb5-appl, heimdal and netkit-telnet. An unauthenticated remote attacker can cause a buffer overflow and probably execute arbitrary code with the privileges of the telnet daemon. In Mandriva the telnetd daemon from the netkit-telnet-server package does not have an initscript to start and stop the service, however one could rather easily craft an initscript or start the service by other means rendering the system vulnerable to this issue. The updated packages have been patched to correct this issue.

tags | advisory, remote, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2011-4862
SHA-256 | 088c8d790f512be759b35321724ad47890342945dbacb0e3d9083cc426187e2c
Linux BSD-derived Telnet Service Encyption Key ID Buffer Overflow
Posted Dec 28, 2011
Site metasploit.com

This Metasploit module exploits a buffer overflow in the encryption option handler of the Linux BSD-derived telnet service (inetutils or krb5-telnet). Most Linux distributions use NetKit-derived telnet daemons, so this flaw only applies to a small subset of Linux systems running telnetd.

tags | exploit, overflow
systems | linux, bsd
advisories | CVE-2011-4862
SHA-256 | bb350fce364cccea32d543a818c1ec5ccbfecf4e11c746fbe8c7d8b76c2cfd89
FreeBSD Telnet Service Encyption Key ID Buffer Overflow
Posted Dec 28, 2011
Site metasploit.com

This Metasploit module exploits a buffer overflow in the encryption option handler of the FreeBSD telnet service.

tags | exploit, overflow
systems | freebsd
advisories | CVE-2011-4862
SHA-256 | 5c027aef49c6a33044ddd945cfc6d9db2dfdaac94f49b241b9d556902a49848a
FreeBSD Security Advisory - telnetd Code Execution
Posted Dec 27, 2011
Site security.freebsd.org

FreeBSD Security Advisory - When an encryption key is supplied via the TELNET protocol, its length is not validated before the key is copied into a fixed-size buffer. An attacker who can connect to the telnetd daemon can execute arbitrary code with the privileges of the daemon (which is usually the "root" superuser).

tags | advisory, arbitrary, root, protocol
systems | freebsd
advisories | CVE-2011-4862
SHA-256 | c92e3537ea4a9d4333d9b238da051a9f86ab6782c92ea9627150610dbec5e756
Red Hat Security Advisory 2011-1852-02
Posted Dec 27, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1852-02 - The krb5-appl packages provide Kerberos-aware telnet, ftp, rcp, rsh, and rlogin clients and servers. Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center. A buffer overflow flaw was found in the MIT krb5 telnet daemon. A remote attacker who can access the telnet port of a target machine could use this flaw to execute arbitrary code as root.

tags | advisory, remote, overflow, arbitrary, root
systems | linux, redhat
advisories | CVE-2011-4862
SHA-256 | 611b0465bb7429b56ae4ca7c0441b264da38bb0f332f78625ca03d057ffe1604
Red Hat Security Advisory 2011-1851-01
Posted Dec 27, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1851-01 - Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third- party, the Key Distribution Center. A buffer overflow flaw was found in the MIT krb5 telnet daemon. A remote attacker who can access the telnet port of a target machine could use this flaw to execute arbitrary code as root. Note that the krb5 telnet daemon is not enabled by default in any version of Red Hat Enterprise Linux. In addition, the default firewall rules block remote access to the telnet port. This flaw does not affect the telnet daemon distributed in the telnet-server package.

tags | advisory, remote, overflow, arbitrary, root
systems | linux, redhat
advisories | CVE-2011-4862
SHA-256 | fcc05a1144325e7cb4e0faa7cb26db554864cc40f11c6e788b4e245114f681e2
Debian Security Advisory 2375-1
Posted Dec 26, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2375-1 - It was discovered that the encryption support for BSD telnetd contains a pre-authentication buffer overflow, which may enable remote attackers who can connect to the Telnet port to execute arbitrary code with root privileges.

tags | advisory, remote, overflow, arbitrary, root
systems | linux, bsd, debian
advisories | CVE-2011-4862
SHA-256 | fd73e5b12a6d4591dd69cdba1166f1b643a3602a7b0d79942b9bf522a6bf82a2
Debian Security Advisory 2373-1
Posted Dec 26, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2373-1 - It was discovered that the Kerberos support for telnetd contains a pre-authentication buffer overflow, which may enable remote attackers who can connect to the Telnet to execute arbitrary code with root privileges.

tags | advisory, remote, overflow, arbitrary, root
systems | linux, debian
advisories | CVE-2011-4862
SHA-256 | 717b70e7a6ef1a328de1d72ba01af5596d2d4e3fae9640dc08a8d53c699a0229
Debian Security Advisory 2372-1
Posted Dec 26, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2372-1 - It was discovered that the Kerberos support for telnetd contains a pre-authentication buffer overflow, which may enable remote attackers who can connect to the Telnet to execute arbitrary code with root privileges.

tags | advisory, remote, overflow, arbitrary, root
systems | linux, debian
advisories | CVE-2011-4862
SHA-256 | f0f6583e9e986815a366da7745916c14e72d8839169dad71c5322effd109c4f6
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    25 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close