projects / dragonfly.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6c3e9d7) | patch
telnetd: Validate key length prior to copying into a fixed buffer.
authorPeter Avalos <pavalos@dragonflybsd.org>
Fri, 23 Dec 2011 18:16:31 +0000 (10:16 -0800)
committerPeter Avalos <pavalos@dragonflybsd.org>
Fri, 23 Dec 2011 18:25:00 +0000 (10:25 -0800)
commit69f80b05bfe3b1d4132314fa4b462b1b6d482164
treeb2098350b4d28cbfc8f746d928eb06bcb113ba43tree
parent6c3e9d773e8db729b746e413e9a196dee39a5676commit | diff
telnetd:  Validate key length prior to copying into a fixed buffer.

It's possible for a remote attacker to execute arbitrary code with the
privileges of the telnetd daemon (normally root) prior to this fix.
CVE-2011-4862

Obtained-from:   FreeBSD-SA-11:08.telnetd
lib/libtelnet/encrypt.c diff | blob | blame | history
DragonFly Project GIT Source repo