Executive Summary
Summary | |
---|---|
Title | telnet vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-101-1 | First vendor Publication | 2005-03-28 |
Vendor | Ubuntu | Last vendor Modification | 2005-03-28 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) The following packages are affected: telnet telnetd The problem can be corrected by upgrading the affected package to version 0.17-24ubuntu0.1. In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: A buffer overflow was discovered in the telnet client's handling of the LINEMODE suboptions. By sending a specially constructed reply containing a large number of SLC (Set Local Character) commands, a remote attacker (i. e. a malicious telnet server) could execute arbitrary commands with the privileges of the user running the telnet client. (CAN-2005-0469) Michal Zalewski discovered a Denial of Service vulnerability in the telnet server (telnetd). A remote attacker could cause the telnetd process to free an invalid pointer, which caused the server process to crash, leading to a denial of service (inetd will disable the service if telnetd crashed repeatedly), or possibly the execution of arbitrary code with the privileges of the telnetd process (by default, the 'telnetd' user). Please note that the telnet server is not officially supported by Ubuntu, it is in the "universe" component. (CAN-2004-0911) |
Original Source
Url : http://www.ubuntu.com/usn/USN-101-1 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:9708 | |||
Oval ID: | oval:org.mitre.oval:def:9708 | ||
Title: | Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands. | ||
Description: | Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0469 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for telnet File : nvt/sles9p5015478.nasl |
2009-10-10 | Name : SLES9: Security update for heimdal File : nvt/sles9p5012765.nasl |
2009-06-03 | Name : Solaris Update for telnet 119434-01 File : nvt/gb_solaris_119434_01.nasl |
2009-06-03 | Name : Solaris Update for telnet 119433-01 File : nvt/gb_solaris_119433_01.nasl |
2009-06-03 | Name : Solaris Update for telnet 110669-05 File : nvt/gb_solaris_110669_05.nasl |
2009-06-03 | Name : Solaris Update for telnet 110668-05 File : nvt/gb_solaris_110668_05.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200504-28 (Heimdal) File : nvt/glsa_200504_28.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200504-04 (telnet) File : nvt/glsa_200504_04.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200504-01 (telnet) File : nvt/glsa_200504_01.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200503-36 (netkit-telnetd) File : nvt/glsa_200503_36.nasl |
2008-09-04 | Name : FreeBSD Security Advisory (FreeBSD-SA-05:01.telnet.asc) File : nvt/freebsdsa_telnet.nasl |
2008-09-04 | Name : FreeBSD Ports: heimdal File : nvt/freebsd_heimdal1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 556-1 (netkit-telnet) File : nvt/deb_556_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 765-1 (heimdal) File : nvt/deb_765_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 731-1 (krb4) File : nvt/deb_731_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 703-1 (krb5) File : nvt/deb_703_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 699-1 (netkit-telnet-ssl) File : nvt/deb_699_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 697-1 (netkit-telnet) File : nvt/deb_697_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 569-1 (netkit-telnet-ssl) File : nvt/deb_569_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 556-2 (netkit-telnet) File : nvt/deb_556_2.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2005-210-01 telnet client File : nvt/esoft_slk_ssa_2005_210_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
15094 | Multiple Vendor Telnet slc_add_reply Function Remote Overflow |
10531 | netkit-telnetd AYT Command Memory Handling Overflow A remote overflow exists in netkit-telnetd. The telnet daemon has an error within the processing of AYT ("Are You There") commands and may cause an invalid pointer to be freed resulting in a buffer overflow. With a specially crafted request, an attacker may cause a denial of servce or potentially execute arbitrary code resulting in a loss of integrity and/or availability. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | client ENV OPT escape overflow attempt RuleID : 3537 - Revision : 11 - Type : PROTOCOL-TELNET |
2014-01-10 | client LINEMODE SLC overflow attempt RuleID : 3533 - Revision : 12 - Type : PROTOCOL-TELNET |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2012-09-24 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-270.nasl - Type : ACT_GATHER_INFO |
2012-01-12 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-773.nasl - Type : ACT_GATHER_INFO |
2006-07-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-330.nasl - Type : ACT_GATHER_INFO |
2006-05-13 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_b62c80c2b81a11dabec500123ffe8333.nasl - Type : ACT_GATHER_INFO |
2006-01-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-224-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-101-1.nasl - Type : ACT_GATHER_INFO |
2005-10-05 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2005-210-01.nasl - Type : ACT_GATHER_INFO |
2005-09-12 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-274.nasl - Type : ACT_GATHER_INFO |
2005-07-22 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-765.nasl - Type : ACT_GATHER_INFO |
2005-06-17 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-731.nasl - Type : ACT_GATHER_INFO |
2005-05-19 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-269.nasl - Type : ACT_GATHER_INFO |
2005-05-19 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-277.nasl - Type : ACT_GATHER_INFO |
2005-04-29 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200504-28.nasl - Type : ACT_GATHER_INFO |
2005-04-06 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200504-04.nasl - Type : ACT_GATHER_INFO |
2005-04-02 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-703.nasl - Type : ACT_GATHER_INFO |
2005-04-02 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200504-01.nasl - Type : ACT_GATHER_INFO |
2005-04-01 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200503-36.nasl - Type : ACT_GATHER_INFO |
2005-03-30 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-061.nasl - Type : ACT_GATHER_INFO |
2005-03-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-330.nasl - Type : ACT_GATHER_INFO |
2005-03-29 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-327.nasl - Type : ACT_GATHER_INFO |
2005-03-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-697.nasl - Type : ACT_GATHER_INFO |
2005-03-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-699.nasl - Type : ACT_GATHER_INFO |
2004-11-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-556.nasl - Type : ACT_GATHER_INFO |
2004-11-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-569.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:58:02 |
|