Login
Newsletter
Werbung

Sicherheit: Pufferüberlauf in netkit-telnet (Fedora Core 3)
Aktuelle Meldungen Distributionen
Name: Pufferüberlauf in netkit-telnet (Fedora Core 3)
ID: FEDORA-2005-274
Distribution: Fedora
Plattformen: Fedora Core 3
Datum: Do, 31. März 2005, 13:00
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0468
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0469
Applikationen: NetKit

Originalnachricht

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-274
2005-03-30
---------------------------------------------------------------------

Product : Fedora Core 3
Name : telnet
Version : 0.17
Release : 32.FC3.2
Summary : The client program for the telnet remote login protocol.
Description :
Telnet is a popular protocol for logging into remote systems over the
Internet. The telnet package provides a command line telnet client.

---------------------------------------------------------------------
Update Information:

Two buffer overflow flaws were discovered in the way the telnet client
handles messages from a server. An attacker may be able to execute
arbitrary code on a victim's machine if the victim can be tricked into
connecting to a malicious telnet server. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the names CAN-2005-0468
and CAN-2005-0469 to these issues.


Red Hat would like to thank iDEFENSE for their responsible disclosure of
this issue.
---------------------------------------------------------------------
* Thu Mar 17 2005 Harald Hoyer <harald@redhat.com> - 1:0.17-32.FC3.2

- fixed CAN-2005-468 and CAN-2005-469

* Thu Jan 13 2005 Jason Vas Dias <jvdias@redhat.com> - 1:0.17-31

- bug 143929 / 145004 : fix race condition in telnetd on wtmp lock
- when cleanup() is entered from main process and in signal
- handler


---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

89834e05dfaaf87030241f12a8d43622 SRPMS/telnet-0.17-32.FC3.2.src.rpm
9ffe815c3d82132847f6f243662d8689 x86_64/telnet-0.17-32.FC3.2.x86_64.rpm
70c70de3253e43c621e1bd753ad85ac8
x86_64/telnet-server-0.17-32.FC3.2.x86_64.rpm
299a0a1ddc2f575b14509757a8e352fa
x86_64/debug/telnet-debuginfo-0.17-32.FC3.2.x86_64.rpm
317a655b172288cfc0615b1a06fd2e07 i386/telnet-0.17-32.FC3.2.i386.rpm
a51075465fe35429b26f83df4e1888b5 i386/telnet-server-0.17-32.FC3.2.i386.rpm
0f90b3b223e4a5286882f29d2ddc39dc
i386/debug/telnet-debuginfo-0.17-32.FC3.2.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------

--
fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung