CVE-2005-0468

Impact:
Important
Public Date:
2005-03-28
Bugzilla:
1617527: CVE-2005-0468 security flaw

The MITRE CVE dictionary describes this issue as:

Heap-based buffer overflow in the env_opt_add function in telnet.c for various BSD-based Telnet clients allows remote attackers to execute arbitrary code via responses that contain a large number of characters that require escaping, which consumers more memory than allocated.

Find out more about CVE-2005-0468 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 2.1 (telnet) RHSA-2005:327 2005-03-28
Red Hat Enterprise Linux 3 (krb5) RHSA-2005:330 2005-03-30
Red Hat Enterprise Linux 2.1 (krb5) RHSA-2005:330 2005-03-30
Red Hat Enterprise Linux 3 (telnet) RHSA-2005:327 2005-03-28
Red Hat Enterprise Linux 4 (krb5) RHSA-2005:330 2005-03-30
Red Hat Enterprise Linux 4 (telnet) RHSA-2005:327 2005-03-28

Acknowledgements

Red Hat would like to thank iDefense for their responsible disclosure of this issue.

Last Modified

CVE description copyright © 2017, The MITRE Corporation