Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0468

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-0468
Last Modified 21 Aug 2010 12:26:11
Published 02 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-0468

Summary

Heap-based buffer overflow in the env_opt_add function in telnet.c for various BSD-based Telnet clients allows remote attackers to execute arbitrary code via responses that contain a large number of characters that require escaping, which consumers more memory than allocated.

Vulnerable Systems

Application

  • Ncsa Telnet C


References

CERT-VN - VU#341908

REDHAT - RHSA-2005:330

REDHAT - RHSA-2005:327

DEBIAN - DSA-703

CONFIRM - http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-001-telnet.txt

SGI - 20050405-01-P

UBUNTU - USN-224-1

BID - 12919

IDEFENSE - 20050328 Multiple Telnet Client env_opt_add() Buffer Overflow Vulnerability

DEBIAN - DSA-731

SUNALERT - 57761

SUNALERT - 57755

SUNALERT - 101671

SUNALERT - 101665

SECUNIA - 17899

SECUNIA - 14745

CONECTIVA - CLA-2005:962

FREEBSD - FreeBSD-SA-05:01.telnet

MANDRAKE - MDKSA-2005:061


Last Updated: 27 May 2016 10:39:48