sys_term.c in telnetd in FreeBSD 7.0-RELEASE and other 7.x versions deletes dangerous environment variables with a method that was valid only in older FreeBSD distributions, which might allow remote malicious users to execute arbitrary code by passing a crafted environment variable from a telnet client, as demonstrated by an LD_PRELOAD value that references a malicious library.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
freebsd freebsd 7.1 |
||
freebsd freebsd 7.0 |
||
freebsd freebsd 7.0-release |
||
freebsd freebsd 7.0_beta4 |
||
freebsd freebsd 7.0_releng |