cvs commit: src/crypto/heimdal-0.6.3/appl/telnet/telnet telnet.c

看板DFBSD_commit作者時間21年前 (2005/03/29 02:32), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串1/1
drhodus 2005/03/28 10:03:33 PST DragonFly src repository Modified files: crypto/heimdal-0.6.3/appl/telnet/telnet telnet.c crypto/telnet/telnet telnet.c usr.bin/telnet telnet.c Log: Correct a pair of buffer overflows in the telnet(1) command: CAN-2005-0468) A heap buffer overflow in env_opt_add() and related functions. (CAN-2005-0469) A global uninitialized data section buffer overflow in slc_add_reply() and related functions. As a result of these vulnerabilities, it may be possible for a malicious telnet server or active network attacker to cause telnet(1) to execute arbitrary code with the privileges of the user running it. These fixes are based in part on patches Submitted by: Solar Designer <solar@openwall.com> With calibration with the FreeBSD security officer: Jacques Vidrine <nectar@freebsd.org> Revision Changes Path 1.2 +23 -7 src/crypto/heimdal-0.6.3/appl/telnet/telnet/telnet.c 1.3 +24 -8 src/crypto/telnet/telnet/telnet.c 1.3 +25 -5 src/usr.bin/telnet/telnet.c http://www.dragonflybsd.org/cvsweb/src/crypto/heimdal-0.6.3/appl/telnet/telnet/telnet.c.diff?r1=1.1&r2=1.2&f=u http://www.dragonflybsd.org/cvsweb/src/crypto/telnet/telnet/telnet.c.diff?r1=1.2&r2=1.3&f=u http://www.dragonflybsd.org/cvsweb/src/usr.bin/telnet/telnet.c.diff?r1=1.2&r2=1.3&f=u
更多 drhodus. 的文章
文章代碼(AID): #12I4sj00 (DFBSD_commit)