Multiple Telnet clients contain a data length validation flaw that may allow a malicious server to execute arbitrary code on the client host with privs of client.
The Telnet network protocol is described in RFC854 and RFC855 as a general, bi-directional communications facility. The Telnet protocol is commonly used for command-line login sessions between Internet hosts.
Many Telnet clients are vulnerable to a buffer overflow condition.
Exploitation of this vulnerability may permit a malicious server to execute arbitrary code with the privileges of the user that invoked the telnet client. An attacker would have to trick a victim into initiating a telnet connection using a vulnerable client. This may be accomplished with an HTML rendered email or web page, using the TELNET:// URI handler, however further user interaction may be required.
Apply a patch or upgrade as specified by your vendor.
Apple Computer Inc.
MIT Kerberos Development Team
Red Hat Inc.
Sun Microsystems Inc.
Thanks to iDEFENSE Labs for reporting this vulnerability.
|Date First Published:||2005-04-01|
|Date Last Updated:||2005-07-28 21:01 UTC|