git: telnetd: Validate key length prior to copying into a fixed buffer.

Peter Avalos pavalos at crater.dragonflybsd.org
Fri Dec 23 10:29:39 PST 2011


commit e2decfa00070772e0f0eb2531bad6efdb84a403b
Author: Peter Avalos <pavalos at dragonflybsd.org>
Date:   Fri Dec 23 10:16:31 2011 -0800

    telnetd:  Validate key length prior to copying into a fixed buffer.
    
    It's possible for a remote attacker to execute arbitrary code with the
    privileges of the telnetd daemon (normally root) prior to this fix.
    CVE-2011-4862
    
    Obtained-from:   FreeBSD-SA-11:08.telnetd

Summary of changes:
 lib/libtelnet/encrypt.c |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/e2decfa00070772e0f0eb2531bad6efdb84a403b


-- 
DragonFly BSD source repository





More information about the Commits mailing list