|
|
|
Vulnerability Note VU#995038Debian Linux Netkit telnetd-ssl contains a format string vulnerabilityOverviewDebian Linux Netkit telnetd-ssl contains a format string vulnerability that may allow a remote attacker to execute arbitrary code.I. DescriptionAn unspecified format string vulnerability in Debian Linux Netkit telnetd-ssl may allow a remote attacker to execute arbitrary code on a vulnerable system. According to public reports, exploitation occurs when telnetd-ssl attempts to process specially crafted SSL error messages. No further details are available at this time.II. ImpactA remote attacker may be able to execute arbitrary code on a vulnerable system.III. SolutionUpgradeThis problem has been addressed in Debian Linux version 0.17.17+0.1-2woody3 of the stable distribution (woody), and version 0.17.24+0.1-6 of the unstable distribution (sid). Please see the Debian Security Advisory DSA-616-1 for instructions on how to upgrade.
References
This vulnerability was reported by Joel Eriksson. This document was written by Jeff Gennari.
If you have feedback, comments, or additional information about this vulnerability, please send us
email. |
||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
Get Adobe Reader