漏洞信息详情
SSLTelnetd未明的格式串漏洞
- CNNVD编号:CNNVD-200412-099
- 危害等级: 高危
- CVE编号: CVE-2004-0998
- 漏洞类型: 格式化字符串
- 发布时间: 2004-12-23
- 威胁类型: 远程
- 更新时间: 2006-09-22
- 厂 商: telnetd
- 漏洞来源: Discovery is credi...
漏洞简介
telnetd-ssl 0.17及其以前的版本存在格式串漏洞。远程攻击者利用该漏洞执行任意代码。
漏洞公告
Debian has released an advisory DSA 616-1 to address this issue. Please see the referenced advisory for more information. Netkit Linux Netkit 0.17.17
- Debian telnet-ssl_0.17.17+0.1-2woody3_alpha.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telne t-ssl_0.17.17+0.1-2woody3_alpha.deb
- Debian telnet-ssl_0.17.17+0.1-2woody3_arm.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telne t-ssl_0.17.17+0.1-2woody3_arm.deb
- Debian telnet-ssl_0.17.17+0.1-2woody3_hppa.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telne t-ssl_0.17.17+0.1-2woody3_hppa.deb
- Debian telnet-ssl_0.17.17+0.1-2woody3_i386.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telne t-ssl_0.17.17+0.1-2woody3_i386.deb
- Debian telnet-ssl_0.17.17+0.1-2woody3_ia64.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telne t-ssl_0.17.17+0.1-2woody3_ia64.deb
- Debian telnet-ssl_0.17.17+0.1-2woody3_m68k.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telne t-ssl_0.17.17+0.1-2woody3_m68k.deb
- Debian telnet-ssl_0.17.17+0.1-2woody3_mips.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telne t-ssl_0.17.17+0.1-2woody3_mips.deb
- Debian telnet-ssl_0.17.17+0.1-2woody3_mipsel.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telne t-ssl_0.17.17+0.1-2woody3_mipsel.deb
- Debian telnet-ssl_0.17.17+0.1-2woody3_powerpc.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telne t-ssl_0.17.17+0.1-2woody3_powerpc.deb
- Debian telnet-ssl_0.17.17+0.1-2woody3_s390.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telne t-ssl_0.17.17+0.1-2woody3_s390.deb
- Debian telnet-ssl_0.17.17+0.1-2woody3_sparc.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telne t-ssl_0.17.17+0.1-2woody3_sparc.deb
- Debian telnetd-ssl_0.17.17+0.1-2woody3_alpha.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telne td-ssl_0.17.17+0.1-2woody3_alpha.deb
- Debian telnetd-ssl_0.17.17+0.1-2woody3_arm.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telne td-ssl_0.17.17+0.1-2woody3_arm.deb
- Debian telnetd-ssl_0.17.17+0.1-2woody3_hppa.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telne td-ssl_0.17.17+0.1-2woody3_hppa.deb
- Debian telnetd-ssl_0.17.17+0.1-2woody3_i386.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telne td-ssl_0.17.17+0.1-2woody3_i386.deb
- Debian telnetd-ssl_0.17.17+0.1-2woody3_ia64.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telne td-ssl_0.17.17+0.1-2woody3_ia64.deb
- Debian telnetd-ssl_0.17.17+0.1-2woody3_m68k.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telne td-ssl_0.17.17+0.1-2woody3_m68k.deb
- Debian telnetd-ssl_0.17.17+0.1-2woody3_mips.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telne td-ssl_0.17.17+0.1-2woody3_mips.deb
- Debian telnetd-ssl_0.17.17+0.1-2woody3_mipsel.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telne td-ssl_0.17.17+0.1-2woody3_mipsel.deb
- Debian telnetd-ssl_0.17.17+0.1-2woody3_powerpc.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telne td-ssl_0.17.17+0.1-2woody3_powerpc.deb
- Debian telnetd-ssl_0.17.17+0.1-2woody3_s390.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telne td-ssl_0.17.17+0.1-2woody3_s390.deb
- Debian telnetd-ssl_0.17.17+0.1-2woody3_sparc.debDebian GNU/Linux 3.0 alias woody http://security.debian.org/pool/updates/main/n/netkit-telnet-ssl/telne td-ssl_0.17.17+0.1-2woody3_sparc.deb
参考网址
来源:US-CERT Vulnerability Note: VU#995038 名称: VU#995038 链接:http://www.kb.cert.org/vuls/id/995038 来源: XF 名称: netkit-telnetssl-format-string(18654) 链接:http://xforce.iss.net/xforce/xfdb/18654 来源: DEBIAN 名称: DSA-616 链接:http://www.debian.org/security/2004/dsa-616 来源: SECUNIA 名称: 13663 链接:http://secunia.com/advisories/13663
受影响实体
- Telnetd Telnetd:0.17.25
- Telnetd Telnetd:0.17.18
- Telnetd Telnetd-Ssl:0.17.17_0.1.2:Woody1
- Telnetd Telnetd-Ssl:0.17.17_0.1.2
- Telnetd Telnetd-Ssl:0.17.17_0.1.1
补丁
暂无
![weinxin](http://zone.ci/zone_ci_images/zone.ci.png)
特别声明
本站(ZONE.CI)所有文章仅供技术研究,若将其信息做其他用途,由用户承担全部法律及连带责任,本站不承担任何法律及连带责任,请遵守中华人民共和国安全法.
评论