Apple-2gs-SW/telnetd
1
0
Fork 0
mirror of https://github.com/sheumann/telnetd.git synced 2024-09-27 17:55:34 +00:00
Code Issues Projects Releases Wiki Activity
e1492a80cd
telnetd/telnet
History
nectar e1492a80cd Correct a pair of buffer overflows in the telnet(1) command: 
(CAN-2005-0468) A heap buffer overflow in env_opt_add() and related
 functions.

 (CAN-2005-0469) A global uninitialized data section buffer overflow in
 slc_add_reply() and related functions.

As a result of these vulnerabilities, it may be possible for a malicious
telnet server or active network attacker to cause telnet(1) to execute
arbitrary code with the privileges of the user running it.

Security: CAN-2005-0468, CAN-2005-0469
Security: FreeBSD-SA-05:01.telnet
Security: http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities
Security: http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities

These fixes are based in part on patches
Submitted by:	Solar Designer <solar@openwall.com>


git-svn-id: http://svn0.us-east.freebsd.org/base/head/contrib/telnet@144231 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
2005-03-28 14:45:12 +00:00
..
authenc.c Use __FBSDID vs. rcsid[]. Also protect sccs[] and copyright[] from GCC 3.3. 2003-05-04 02:54:49 +00:00
commands.c Increase usefulness of telnet(1) as a protocol tester. By prepending 2005-02-28 12:46:53 +00:00
defines.h Very large style makeover. 2001-11-30 21:06:38 +00:00
externs.h Fix up external variables named "debug" that have a horrible habit 2003-05-11 18:17:00 +00:00
fdset.h This commit was generated by cvs2svn to compensate for changes in r29088, 1997-09-04 06:11:16 +00:00
general.h This commit was generated by cvs2svn to compensate for changes in r29088, 1997-09-04 06:11:16 +00:00
main.c o Make telnet[d] -S (IP TOS) flag really work. We do not have 2005-01-09 10:24:46 +00:00
network.c Use __FBSDID vs. rcsid[]. Also protect sccs[] and copyright[] from GCC 3.3. 2003-05-04 02:54:49 +00:00
ring.c Use __FBSDID vs. rcsid[]. Also protect sccs[] and copyright[] from GCC 3.3. 2003-05-04 02:54:49 +00:00
ring.h Damn. The previous mega-commit was incomplete WRT ANSIfication. This 2001-11-30 22:28:07 +00:00
sys_bsd.c Use __FBSDID vs. rcsid[]. Also protect sccs[] and copyright[] from GCC 3.3. 2003-05-04 02:54:49 +00:00
telnet.1 Increase usefulness of telnet(1) as a protocol tester. By prepending 2005-02-28 12:46:53 +00:00
telnet.c Correct a pair of buffer overflows in the telnet(1) command: 2005-03-28 14:45:12 +00:00
terminal.c Use __FBSDID vs. rcsid[]. Also protect sccs[] and copyright[] from GCC 3.3. 2003-05-04 02:54:49 +00:00
types.h This commit was generated by cvs2svn to compensate for changes in r29088, 1997-09-04 06:11:16 +00:00
utilities.c Use __FBSDID vs. rcsid[]. Also protect sccs[] and copyright[] from GCC 3.3. 2003-05-04 02:54:49 +00:00