Published: 02/05/2005 Updated: 11/10/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Heap-based buffer overflow in the env_opt_add function in telnet.c for various BSD-based Telnet clients allows remote malicious users to execute arbitrary code via responses that contain a large number of characters that require escaping, which consumers more memory than allocated.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ncsa telnet c

Ga�l Delalleau discovered a buffer overflow in the env_opt_add() function of the Kerberos 4 and 5 telnet clients By sending specially crafted replies, a malicious telnet server could exploit this to execute arbitrary code with the privileges of the user running the telnet client (CVE-2005-0468) ...

Synopsis telnet security update Type/Severity Security Advisory: Important Topic Updated telnet packages that fix two buffer overflow vulnerabilities arenow availableThis update has been rated as having important security impact by the RedHat Security Response Team Description The telnet ...

Synopsis krb5 security update Type/Severity Security Advisory: Important Topic Updated krb5 packages which fix two buffer overflow vulnerabilities in theincluded Kerberos-aware telnet client are now availableThis update has been rated as having important security impact by the RedHat Security Response Team ...

Several problems have been discovered in telnet clients that could be exploited by malicious daemons the client connects to The Common Vulnerabilities and Exposures project identifies the following problems: CAN-2005-0468 Gaël Delalleau discovered a buffer overflow in the env_opt_add() function that allow a remote attacker to execute arb ...

source: wwwsecurityfocuscom/bid/12919/info Multiple vendors' Telnet client applications are reported prone to a remote buffer-overflow vulnerability This vulnerability reportedly occurs in the 'env_opt_add()' function in the 'telnetc' source file, which is apparently common source for all the affected vendors A remote attacker may exp ...

NVD-CWE-Other http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:01.telnet.asc http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-001-telnet.txt http://www.debian.org/security/2005/dsa-703 http://www.redhat.com/support/errata/RHSA-2005-327.html http://www.redhat.com/support/errata/RHSA-2005-330.html ftp://patches.sgi.com/support/free/security/advisories/20050405-01-P http://www.debian.de/security/2005/dsa-731 http://www.kb.cert.org/vuls/id/341908 http://secunia.com/advisories/14745 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1 http://www.ubuntulinux.org/usn/usn-224-1 http://secunia.com/advisories/17899 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000962 http://www.securityfocus.com/bid/12919 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-1 http://www.mandriva.com/security/advisories?name=MDKSA-2005:061 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9640 https://usn.ubuntu.com/224-1/https://nvd.nist.gov https://www.exploit-db.com/exploits/25303/https://www.kb.cert.org/vuls/id/341908

CVE-2005-0468

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect