Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Gentoo Local Security Checks >> [GLSA-200503-36] netkit-telnetd: Buffer overflow


Vulnerability Assessment Details

[GLSA-200503-36] netkit-telnetd: Buffer overflow

Vulnerability Assessment Summary
netkit-telnetd: Buffer overflow

Detailed Explanation for this Vulnerability Assessment
The remote host is affected by the vulnerability described in GLSA-200503-36
(netkit-telnetd: Buffer overflow)


A buffer overflow has been identified in the slc_add_reply()
function of netkit-telnetd client, where a large number of SLC commands
can overflow a fixed size buffer.

Impact

Successful explotation would require a vulnerable user to connect
to a possible hacker-controlled host using telnet, potentially executing
arbitrary code with the permissions of the telnet user.

Workaround

There is no known workaround at this time.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0469
http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities


Solution:
All netkit-telnetd users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/netkit-telnetd-0.17-r6"


Network Security Threat Level: Medium


Networks Security ID:

Vulnerability Assessment Copyright: (C) 2005 Michel Arboi

Cables, Connectors


Samsung Galaxy Tab A8 10.5

Samsung Galaxy Tab A8 10.5" SM-X200 128GB Wifi Only Tablet Open Box

$149.99



Samsung Galaxy Tab A 8.0

Samsung Galaxy Tab A 8.0" 2019 SM-T290 32GB WiFi Tablet Open Box

$94.99



Samsung - S Pen Creator Edition - White picture

Samsung - S Pen Creator Edition - White

$40.00



Genuine Samsung Book Cover Keyboard for 14.6

Genuine Samsung Book Cover Keyboard for 14.6" Galaxy Tab S8 Ultra | S8 Ultra 5G

$89.99



Samsung Galaxy Tab A9 (X110) 64GB 4GB RAM International Version (New) picture

Samsung Galaxy Tab A9 (X110) 64GB 4GB RAM International Version (New)

$129.99



SAMSUNG M393A2G40DB0-CPB 16GB PC4-17000P DDR4-2133 2RX4 ECC picture

SAMSUNG M393A2G40DB0-CPB 16GB PC4-17000P DDR4-2133 2RX4 ECC

$14.95



Samsung 16GB 2Rx4 PC3-12800R M393B2G70BH0-CK0 DDR3 RDIMM - SERVER RAM picture

Samsung 16GB 2Rx4 PC3-12800R M393B2G70BH0-CK0 DDR3 RDIMM - SERVER RAM

$8.90



Genuine OEM Samsung Galaxy Tab S6 Lite Book Cover -NEW EF-BP610PJEGUJ- #E4 picture

Genuine OEM Samsung Galaxy Tab S6 Lite Book Cover -NEW EF-BP610PJEGUJ- #E4

$14.99



512GB SAMSUNG EVO Plus Micro SD MicroSDXC Flash Memory Card w/ SD Adapter picture

512GB SAMSUNG EVO Plus Micro SD MicroSDXC Flash Memory Card w/ SD Adapter

$21.99



Tempered Glass Screen Protector For Samsung Galaxy Tab S9/S9 FE/S9 Plus/S9 Ultra picture

Tempered Glass Screen Protector For Samsung Galaxy Tab S9/S9 FE/S9 Plus/S9 Ultra

$10.95



Discussions

No Discussions have been posted on this vulnerability.