(CAN-2005-0468) A heap buffer overflow in env_opt_add() and related
functions.
(CAN-2005-0469) A global uninitialized data section buffer overflow in
slc_add_reply() and related functions.
As a result of these vulnerabilities, it may be possible for a malicious
telnet server or active network attacker to cause telnet(1) to execute
arbitrary code with the privileges of the user running it.
Security: CAN-2005-0468, CAN-2005-0469
Security: FreeBSD-SA-05:01.telnet
Security: http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities
Security: http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities
These fixes are based in part on patches
Submitted by: Solar Designer <solar@openwall.com>
"+" to the port number, disable option negotiation and allow
transferring of data with high bit set.
OKed by: markm (maintainer)
PR: 52032
Submitted by: Valentin Nechayev <netch maybe-at netch stop kiev stop ua>
MFC After: 2 weeks
- comment out feature, we do not have yet: tcpdumping on pfsync,
add a BUGS section
- reference carp.4
- dereference bpf(4), tcpdump(7), hostname.if(5)
- sort references
- tell when pfsync appeared in FreeBSD
Reviewed by: mlaier
MFC after: 1 week
Short list of changes:
* SIGINT termination from auto-fetch.
* Less trusting of remote filenames during auto mgets.
* Improved RFC2616 compliancy.
* Fix globs when using ftp reget (from mat@).
* Limit send buffer size.
- Bring IPsec support from the ports collection [1].
- Bring -o ("once only") option from the ports
collection [2].
- Adopt the Makefile framework into
usr.bin/nc/Makefile.
- Add a knob to control whether to build nc(1),
NO_NETCAT.
- Bump __FreeBSD_version so ports collection can
detect this change.
Original patchset are contributed to the ports collection by:
[1] nectar, [2] joerg.
Note: WARNS?=6 patchset spined off in this commit, in order not
to take too many files off the vendor branch.
reimplementation of the famous tool that can do arbitrary TCP
and UDP connections and listens.
This gaves sysadm the same tool the crackers have, so that
they may learn what the network is about and protect it better.
For developers, this is an invaluable debugging tool, and a
good build block of scripts.
Discussed on: freebsd-hackers@
This file is already off the vendor branch, and the fix will be
in future tcpdump.org vendor branch imports.
PR: bin/76497
MFC after: 1 week
Obtained from: tcpdump.org rev 1.89.2.4
Discussed with: fenner, keramida
/etc/iptos implementation so only numeric values supported.
o telnetd.8: steal the -S flag description from telnet.1, bump
the date of the document.
MFC after: 6 weeks
