Red Hat Inc. Information for VU#341908

Multiple Telnet Clients vulnerable to buffer overflow via the env_opt_add() function in telnet.c

Status

Affected

Vendor Statement

Vendor Statement: Red Hat, Inc

Updates are available for Red Hat Enterprise Linux 2.1, 3 and 4 to correct this
issue. New telnet and Kerberos packages along with our advisory are available
at the URL below and by using the Red Hat Network 'up2date' tool.

http://rhn.redhat.com/errata/CAN-2005-0468.html

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

Please see http://rhn.redhat.com/errata/RHSA-2005-330.html.

If you have feedback, comments, or additional information about this vulnerability, please send us email.