git: telnetd: Validate key length prior to copying into a fixed buffer.
Peter Avalos
pavalos at crater.dragonflybsd.org
Fri Dec 23 10:29:39 PST 2011
commit e2decfa00070772e0f0eb2531bad6efdb84a403b
Author: Peter Avalos <pavalos at dragonflybsd.org>
Date: Fri Dec 23 10:16:31 2011 -0800
telnetd: Validate key length prior to copying into a fixed buffer.
It's possible for a remote attacker to execute arbitrary code with the
privileges of the telnetd daemon (normally root) prior to this fix.
CVE-2011-4862
Obtained-from: FreeBSD-SA-11:08.telnetd
Summary of changes:
lib/libtelnet/encrypt.c | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/e2decfa00070772e0f0eb2531bad6efdb84a403b
--
DragonFly BSD source repository
More information about the Commits
mailing list