Computer Security
[EN] securityvulns.ru no-pyccku


MIT / FreeBSD / Cisco telnetd buffer overflow
updated since 28.12.2011
Published:30.01.2012
Source:
SecurityVulns ID:12120
Type:remote
Threat Level:
10/10
Description:Buffer overflow in BSD telnetd / MIT krb5 telnetd is actively exploited in-the-wild.
Affected:FREEBSD : FreeBSD 7.3
 FREEBSD : FreeBSD 8.1
 FREEBSD : FreeBSD 7.4
 FREEBSD : FreeBSD 8.2
 MIT : krb5-appl 1.0
 FREEBSD : FreeBSD 9.0
 HEIMDAL : Heimdal 1.5
 CISCO : AsyncOS 7.5
 CISCO : AsyncOS 7.7
CVE:CVE-2011-4862 (Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, and Heimdal 1.5.1 and earlier allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.)
Original documentdocumentCISCO, Cisco Security Advisory: Cisco IronPort Appliances Telnet Remote Code Execution Vulnerability (30.01.2012)
 documentMIT, MITKRB5-SA-2011-008 buffer overflow in telnetd [CVE-2011-4862] (02.01.2012)
 documentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-11:08.telnetd (02.01.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod