freebsd-nq/contrib
Jacques Vidrine 14aab889f4 Correct a pair of buffer overflows in the telnet(1) command:
(CAN-2005-0468) A heap buffer overflow in env_opt_add() and related
 functions.

 (CAN-2005-0469) A global uninitialized data section buffer overflow in
 slc_add_reply() and related functions.

As a result of these vulnerabilities, it may be possible for a malicious
telnet server or active network attacker to cause telnet(1) to execute
arbitrary code with the privileges of the user running it.

Security: CAN-2005-0468, CAN-2005-0469
Security: FreeBSD-SA-05:01.telnet
Security: http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities
Security: http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities

These fixes are based in part on patches
Submitted by:	Solar Designer <solar@openwall.com>
2005-03-28 14:45:12 +00:00
..
amd
bc
bind9 Expand and refine a few sections for future reference 2005-03-17 08:40:41 +00:00
binutils
bsnmp Don't extract the .gdbinit file from the distribution. 2005-02-28 17:29:10 +00:00
bzip2
com_err
cpio
cvs
diff
expat
file
gcc
gdb
gdtoa
gnu-sort
gperf
groff
ipfilter
isc-dhcp
less
libbegemot
libf2c
libobjc
libpcap
libreadline
libstdc++
lukemftp
lukemftpd
ncurses
netcat
ngatm
ntp
nvi
one-true-awk
openpam
opie
pam_modules/pam_passwdqc
pf
pnpinfo
sendmail
smbfs
tar
tcp_wrappers
tcpdump
tcsh
telnet Correct a pair of buffer overflows in the telnet(1) command: 2005-03-28 14:45:12 +00:00
texinfo
top Correct macro usage. 2005-03-13 13:37:02 +00:00
traceroute