Debian Security Advisory DSA 699-1 security@
debian.org
http://www.debian.org/security/ Martin Schulze
March 29th, 2005
http://www.debian.org/security/faq
Package : netkit-
telnet-
ssl
Vulnerability : buffer overflow
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2005-0469
iDEFENSE researchers discovered a buffer overflow in the handling of
the LINEMODE suboptions in
telnet clients. This can lead to the
execution of arbitrary code when connected to a malicious server.
For the stable distribution (woody) this problem has been fixed in
version 0.17.17+0.1-2woody4.
For the unstable distribution (sid) this problem will be fixed soon.
We recommend that you upgrade your
telnet-
ssl package.