projects / dragonfly.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 701e058) | patch
telnetd: Validate key length prior to copying into a fixed buffer.
authorPeter Avalos <pavalos@dragonflybsd.org>
Fri, 23 Dec 2011 18:16:31 +0000 (10:16 -0800)
committerPeter Avalos <pavalos@dragonflybsd.org>
Fri, 23 Dec 2011 18:21:41 +0000 (10:21 -0800)
commite2decfa00070772e0f0eb2531bad6efdb84a403b
tree94ff343b4bddb1f6510921c216747a4ce029608ftree | snapshot
parent701e05820ec80b00089f2b984aca9b194b7a7ce2commit | diff
telnetd:  Validate key length prior to copying into a fixed buffer.

It's possible for a remote attacker to execute arbitrary code with the
privileges of the telnetd daemon (normally root) prior to this fix.
CVE-2011-4862

Obtained-from:   FreeBSD-SA-11:08.telnetd
lib/libtelnet/encrypt.c diff | blob | blame | history
DragonFly Project Source