NASLDB: Debian DSA-569-1 : netkit-telnet-ssl - invalid free(3)
General
ID: 15667
Name: Debian DSA-569-1 : netkit-telnet-ssl – invalid free(3)
Summary: Checks dpkg output for the updated package
Credits: –
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS Temporal Vector: –
Port: 0
Family: Debian Local Security Checks
Type: Local
Description
Michal Zalewski discovered a bug in the netkit-telnet server (telnetd)
whereby a remote attacker could cause the telnetd process to free an
invalid pointer. This causes the telnet server process to crash,
leading to a straightforward denial of service (inetd will disable the
service if telnetd is crashed repeatedly), or possibly the execution
of arbitrary code with the privileges of the telnetd process (by
default, the ‘telnetd’ user).
Exploiting
Exploit Available: –
Exploitability Ease: –
Sources
CVE: CVE-2004-0911
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: 2004/10/06
Patch Release: 2004/10/18
Plugin Release: 2004/11/10
Plugin
Version: 1.13
Filename: debian_DSA-569.nasl
Filesize: 3258 bytes
MD5 Hash: 9cc57a46b340af0c85fb9c303b0aa3c5
Identification: Host/local_checks_enabled
Require Keys: Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l
Dependencies: "ssh_get_info.nasl"
Copyright: This script is© 2004-2012 Tenable Network Security, Inc.
- Letzte Plugins
- USN-1611-1 : thunderbird vulnerabilities
- USN-1610-1 : linux vulnerability
- USN-1609-1 : linux-ti-omap4 vulnerability
- SuSE 10 Security Update : PostgreSQL
- RHSA-2012-1364: bind97
- RHSA-2012-1363: bind
- RHSA-2012-1362: thunderbird
- RHSA-2012-1361: xulrunner
- Mandriva Linux Security Advisory : graphicsmagick
- FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack