git: DragonFly_RELEASE_2_8 telnetd: Validate key length prior to copying into a fixed buffer.
Peter Avalos
pavalos at crater.dragonflybsd.org
Fri Dec 23 10:29:41 PST 2011
commit 69f80b05bfe3b1d4132314fa4b462b1b6d482164
Author: Peter Avalos <pavalos at dragonflybsd.org>
Date: Fri Dec 23 10:16:31 2011 -0800
telnetd: Validate key length prior to copying into a fixed buffer.
It's possible for a remote attacker to execute arbitrary code with the
privileges of the telnetd daemon (normally root) prior to this fix.
CVE-2011-4862
Obtained-from: FreeBSD-SA-11:08.telnetd
Summary of changes:
lib/libtelnet/encrypt.c | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/69f80b05bfe3b1d4132314fa4b462b1b6d482164
--
DragonFly BSD source repository
More information about the Commits
mailing list