Signature Detail
Short Name |
TELNET:OVERFLOW:BSD-ENCRY-KEYID |
|---|---|
Severity |
High |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
TELNET |
Keywords |
Multiple Vendors BSD telnetd Encryption Key Buffer Overflow |
Release Date |
2012/01/19 |
Update Number |
2066 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
TELNET: Multiple Vendors BSD telnetd Encryption Key Buffer Overflow
This signature detects attempts to exploit a known flaw in BSD telnetd. The vulnerability is due to the copying of an encryption key into a fixed-length buffer without validation of the key's length. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted packet to telnetd. A successful exploitation attempt could result in the execution of arbitrary code in the security context of the Telnet daemon.
Extended Description
FreeBSD is prone to a remote buffer-overflow vulnerability. Exploiting this issue allows remote attackers to execute arbitrary code with superuser privileges. Successfully exploiting this issue will completely compromise affected computers.
Affected Products
- Cisco IronPort Email Security Appliance C-Series 7.0.1
- Cisco IronPort Email Security Appliance C-Series
- Cisco IronPort Email Security Appliance X-Series 7.0.1
- Cisco IronPort Email Security Appliance X-Series
- Cisco IronPort Security Management Appliance
- Debian Linux 6.0 amd64
- Debian Linux 6.0 arm
- Debian Linux 6.0 ia-32
- Debian Linux 6.0 ia-64
- Debian Linux 6.0 mips
- Debian Linux 6.0 powerpc
- Debian Linux 6.0 s/390
- Debian Linux 6.0 sparc
- FreeBSD Freebsd 7.1 -RELEASE-p14
- FreeBSD Freebsd 7.1-RELENG
- FreeBSD Freebsd 7.2
- FreeBSD Freebsd 7.3
- FreeBSD Freebsd 7.3-RELEASE
- FreeBSD Freebsd 7.3-RELEASE-p3
- FreeBSD Freebsd 7.3-RELEASE-p6
- FreeBSD Freebsd 7.3 - RELEASE - p7
- FreeBSD Freebsd 7.3-RELENG
- FreeBSD Freebsd 7.4
- FreeBSD Freebsd 7.4-RELEASE-p2
- FreeBSD Freebsd 7.4 -RELEASE-p3
- FreeBSD Freebsd 7.4-STABLE
- FreeBSD Freebsd 8.0
- FreeBSD Freebsd 8.0-RC1
- FreeBSD Freebsd 8.0 -RELEASE-p5
- FreeBSD Freebsd 8.1
- FreeBSD Freebsd 8.1-RELEASE-p1
- FreeBSD Freebsd 8.1-RELEASE-p4
- FreeBSD Freebsd 8.1-RELEASE-p5
- FreeBSD Freebsd 8.1-RELENG
- FreeBSD Freebsd 8.1-STABLE
- FreeBSD Freebsd 8.2
- FreeBSD Freebsd 8.2-RELEASE-p1
- FreeBSD Freebsd 8.2-RELEASE-p2
- FreeBSD Freebsd 8.2 - RELEASE -p3
- FreeBSD Freebsd 8.2-STABLE
- FreeBSD Freebsd 8.2-STABLE
- FreeBSD Freebsd 8-RELENG
- FreeBSD Freebsd 9.0-RC1
- FreeBSD Freebsd 9.0-RC3
- FreeBSD Freebsd 9.0-RELEASE
- FreeBSD Freebsd 9.0-STABLE
- FreeBSD 7.0
- FreeBSD 7.0 BETA4
- FreeBSD 7.0 -PRERELEASE
- FreeBSD 7.0-RELEASE
- FreeBSD 7.0-RELEASE-P11
- FreeBSD 7.0-RELEASE-P12
- FreeBSD 7.0-RELEASE-P3
- FreeBSD 7.0-RELEASE-P8
- FreeBSD 7.0 -RELEASE-P9
- FreeBSD 7.0 -RELENG
- FreeBSD 7.0-STABLE
- FreeBSD 7.1
- FreeBSD 7.1 -PRE-RELEASE
- FreeBSD 7.1 Rc1
- FreeBSD 7.1 -RELEASE-P1
- FreeBSD 7.1 -RELEASE-P2
- FreeBSD 7.1-RELEASE-P4
- FreeBSD 7.1-RELEASE-P5
- FreeBSD 7.1-RELEASE-P6
- FreeBSD 7.1-STABLE
- FreeBSD 7.2-PRERELEASE
- FreeBSD 7.2-RC2
- FreeBSD 7.2-RELEASE-P1
- FreeBSD 7.2-RELEASE-P4
- FreeBSD 7.2-STABLE
- FreeBSD 7.3-RELEASE-P1
- FreeBSD 7.3-STABLE
- FreeBSD 8.0-RELEASE
- FreeBSD 8.0-STABLE
- FreeBSD 8.1-PRERELEASE
- FreeBSD 8.1-RELEASE
- Gentoo Linux
- Mandriva Enterprise Server 5
- Mandriva Enterprise Server 5 X86 64
- Mandriva Linux Mandrake 2010.1
- Mandriva Linux Mandrake 2010.1 X86 64
- Mandriva Linux Mandrake 2011
- Mandriva Linux Mandrake 2011 x86_64
- MIT Kerberos 5 1.0.0
- MIT Kerberos 5 1.0.6
- MIT Kerberos 5 1.0.8
- MIT Kerberos 5 1.1.0
- MIT Kerberos 5 1.1.1
- MIT Kerberos 5 1.2.0
- MIT Kerberos 5 1.2.1
- MIT Kerberos 5 1.2.2
- MIT Kerberos 5 1.2.2 -Beta1
- MIT Kerberos 5 1.2.3
- MIT Kerberos 5 1.2.4
- MIT Kerberos 5 1.2.5
- MIT Kerberos 5 1.2.6
- MIT Kerberos 5 1.2.7
- MIT Kerberos 5 1.2.8
- MIT Kerberos 5 1.3.0
- MIT Kerberos 5 1.3.0 -Alpha1
- MIT Kerberos 5 1.3.1
- MIT Kerberos 5 1.3.2
- MIT Kerberos 5 1.3.3
- MIT Kerberos 5 1.3.4
- MIT Kerberos 5 1.3.5
- MIT Kerberos 5 1.3.6
- MIT Kerberos 5 1.4.0
- MIT Kerberos 5 1.4.1
- MIT Kerberos 5 1.4.2
- MIT Kerberos 5 1.4.3
- MIT Kerberos 5 1.5.0
- MIT Kerberos 5 1.5.1
- MIT Kerberos 5 1.5.2
- MIT Kerberos 5 1.5.3
- MIT Kerberos 5 1.5.4
- MIT Kerberos 5 1.5.5
- MIT Kerberos 5 1.6.0
- MIT Kerberos 5 1.6.1
- MIT Kerberos 5 1.6.2
- MIT Kerberos 5 1.6.3
- MIT Kerberos 5 1.6.4
- MIT Kerberos 5 1.7
- MIT Kerberos 5 1.7.1
- MIT Kerberos 5 1.7.2
- Oracle Enterprise Linux 4
- Oracle Enterprise Linux 5
- Oracle Enterprise Linux 6
- Oracle Enterprise Linux 6.2
- Red Hat Enterprise Linux 5 Server
- Red Hat Enterprise Linux AS 4
- Red Hat Enterprise Linux Desktop 4.0
- Red Hat Enterprise Linux Desktop 5 Client
- Red Hat Enterprise Linux Desktop 6
- Red Hat Enterprise Linux Desktop Workstation 5 Client
- Red Hat Enterprise Linux ES 4
- Red Hat Enterprise Linux HPC Node 6
- Red Hat Enterprise Linux Server 6
- Red Hat Enterprise Linux Server 6.0.z
- Red Hat Enterprise Linux Workstation 6
- Red Hat Enterprise Linux WS 4
- Red Hat Fedora 15
- Red Hat Fedora 16
- SuSE CORE 9
- SuSE openSUSE 11.3
- SuSE openSUSE 11.4
- SuSE SUSE CORE 9 for x86
- SuSE SUSE Linux Enterprise Desktop 10 SP4
- SuSE SUSE Linux Enterprise Desktop 11 SP1
- SuSE SUSE Linux Enterprise SDK 10 SP4
- SuSE SUSE Linux Enterprise SDK 11 SP1
- SuSE SUSE Linux Enterprise Server 10 SP2
- SuSE SUSE Linux Enterprise Server 10 SP3 LTSS
- SuSE SUSE Linux Enterprise Server 10 SP4
- SuSE SUSE Linux Enterprise Server 11 SP1
- SuSE SUSE Linux Enterprise Server for VMware 11 SP1
- VMWare ESX 4.0
References