bug-inetutils

Re: [BUG][PATCH] Someone described a remote DoS Vulnerability in telnetd


From: Simon Josefsson
Subject: Re: [BUG][PATCH] Someone described a remote DoS Vulnerability in telnetd (dereference NULL pointer ---> SEGV)
Date: Thu, 08 Sep 2022 16:54:49 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux)

Guillem Jover <guillem@hadrons.org> writes:

> [ Resending with To trimmed. ]
>
> Hi!
>
> On Tue, 2022-08-30 at 22:57:51 +0200, Guillem Jover wrote:
>> On Sun, 2022-08-28 at 14:40:44 +0200, Erik Auerswald wrote:
>> > On Sat, Aug 27, 2022 at 07:37:15PM +0200, Erik Auerswald wrote:
>> > > someone has described a remote DoS vulnerability in
>> > > many telnetd implementations that I just happened to
>> > > stumble over:
>> > > 
>> > > https://pierrekim.github.io/blog/2022-08-24-2-byte-dos-freebsd-netbsd-telnetd-netkit-telnetd-inetutils-telnetd-kerberos-telnetd.html
>> > > 
>> > > The vulnerability is a NULL pointer dereference when
>> > > reading either of two two-byte sequences:
>> > > 
>> > >     1: 0xff 0xf7
>> > >     2: 0xff 0xf8
>> > > 
>> > > The blog shows GNU Inetutils' telnetd as vulnerable:
>> > > 
>> > > https://pierrekim.github.io/blog/2022-08-24-2-byte-dos-freebsd-netbsd-telnetd-netkit-telnetd-inetutils-telnetd-kerberos-telnetd.html#remote-dos-inetutils
>> 
>> This has been assigned CVE-2022-39028 (I think from the Debian pool),
>> after I reported it to the Debian security team.
>
> While it might have been nice to get this in the commit message, I
> think it would still be nice to add a reference in the NEWS. :)

Added, thank you.

https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=6c3c6acaf352151c6155a8cd78fe490148d0e22a

/Simon
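
A simplified model of the failure mode described in the quoted report, added here as an example; it is not part of this thread and not inetutils code. It assumes the erase characters are reached through pointers that are still NULL early in a session; `struct erase_chars`, `telnet_feed` and the sample byte values are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Telnet command bytes (RFC 854): IAC, Erase Character, Erase Line. */
enum { IAC = 0xff, EC = 0xf7, EL = 0xf8 };

/* Hypothetical model, not inetutils' data structures: each erase character
   is reached through a pointer that stays NULL until terminal setup runs. */
struct erase_chars { const unsigned char *ec, *el; };

/* Parse client bytes. Data bytes and resolved erase characters are copied
   to out. Returns the number of bytes written, or -1 if out is too small. */
int telnet_feed(const struct erase_chars *t, const unsigned char *in,
                size_t n, unsigned char *out, size_t cap)
{
    size_t w = 0;
    int seen_iac = 0;
    for (size_t i = 0; i < n; i++) {
        const unsigned char *p = NULL;
        if (!seen_iac) {
            if (in[i] == IAC) { seen_iac = 1; continue; }
            p = &in[i];                           /* ordinary data byte */
        } else {
            seen_iac = 0;
            if (in[i] == EC) p = t->ec;           /* NULL before setup */
            else if (in[i] == EL) p = t->el;      /* NULL before setup */
            else if (in[i] == IAC) p = &in[i];    /* escaped 0xff data byte */
            /* every other command is ignored in this model */
        }
        if (p == NULL) continue;  /* the guard: reading *p unchecked is the SEGV */
        if (w == cap) return -1;
        out[w++] = *p;
    }
    return (int)w;
}

int main(void)
{
    /* Constructed input: the two sequences from the report, sent first. */
    const unsigned char early[] = { 0xff, 0xf7, 0xff, 0xf8 };
    const unsigned char erase = 0x7f, kline = 0x15;  /* constructed values */
    struct erase_chars unset = { NULL, NULL }, ready = { &erase, &kline };
    unsigned char out[8];
    printf("before setup: %d bytes\n", telnet_feed(&unset, early, 4, out, 8));
    printf("after setup:  %d bytes\n", telnet_feed(&ready, early, 4, out, 8));
    return 0;
}
```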
