DragonFly BSD
DragonFly commits List (threaded) for 2005-03
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

cvs commit: src/crypto/heimdal-0.6.3/appl/telnet/telnet telnet.c src/crypto/telnet/telnet telnet.c src/usr.bin/telnet telnet.c


From: David Rhodus <drhodus@xxxxxxxxxxxxxxxxxxxxxxx>
Date: Mon, 28 Mar 2005 10:03:33 -0800 (PST)

drhodus     2005/03/28 10:03:33 PST

DragonFly src repository

  Modified files:
    crypto/heimdal-0.6.3/appl/telnet/telnet telnet.c 
    crypto/telnet/telnet telnet.c 
    usr.bin/telnet       telnet.c 
  Log:
  Correct a pair of buffer overflows in the telnet(1) command:
  
  CAN-2005-0468) A heap buffer overflow in env_opt_add() and related
  functions.
  
  (CAN-2005-0469) A global uninitialized data section buffer overflow in
  slc_add_reply() and related functions.
  
  As a result of these vulnerabilities, it may be possible for a malicious
  telnet server or active network attacker to cause telnet(1) to execute
  arbitrary code with the privileges of the user running it.
  
  These fixes are based in part on patches
  Submitted by:   Solar Designer <solar@xxxxxxxxxxxx>
  With calibration with the FreeBSD security officer: Jacques Vidrine <nectar@xxxxxxxxxxx>
  
  Revision  Changes    Path
  1.2       +23 -7     src/crypto/heimdal-0.6.3/appl/telnet/telnet/telnet.c
  1.3       +24 -8     src/crypto/telnet/telnet/telnet.c
  1.3       +25 -5     src/usr.bin/telnet/telnet.c


http://www.dragonflybsd.org/cvsweb/src/crypto/heimdal-0.6.3/appl/telnet/telnet/telnet.c.diff?r1=1.1&r2=1.2&f=u
http://www.dragonflybsd.org/cvsweb/src/crypto/telnet/telnet/telnet.c.diff?r1=1.2&r2=1.3&f=u
http://www.dragonflybsd.org/cvsweb/src/usr.bin/telnet/telnet.c.diff?r1=1.2&r2=1.3&f=u



[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]