git: DragonFly_RELEASE_2_10 telnetd: Validate key length prior

看板DFBSD_commit作者pavalos.時間14年前 (2011/12/28 02:05)推噓0(0推 0噓 0→)

留言0則, 0人參與討論串1/1

commit 75df574506ea14695f2e86f863d312d284086d6d Author: Peter Avalos <pavalos@dragonflybsd.org> Date: Fri Dec 23 10:16:31 2011 -0800 telnetd: Validate key length prior to copying into a fixed buffer. It's possible for a remote attacker to execute arbitrary code with the privileges of the telnetd daemon (normally root) prior to this fix. CVE-2011-4862 Obtained-from: FreeBSD-SA-11:08.telnetd Summary of changes: lib/libtelnet/encrypt.c | 3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/75df574506ea14695f2e86f863d312d284086d6d -- DragonFly BSD source repository

‣ 返回看板[ DFBSD_commit ] DBSD

‣ 更多 pavalos. 的文章

文章代碼(AID): #1E-WZnMz (DFBSD_commit)