projects / krb5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: bc4421a) | patch
fix MITKRB5-SA-2005-001 telnet client vuln
authorTom Yu <tlyu@mit.edu>
Tue, 29 Mar 2005 21:21:14 +0000 (21:21 +0000)
committerTom Yu <tlyu@mit.edu>
Tue, 29 Mar 2005 21:21:14 +0000 (21:21 +0000)
commit08c52c1b3c2dfdd825dfa671cebff141697fc0d7
tree45de9a502bcf0ceb21d48dcd1235d82c98323298tree | snapshot
parentbc4421a1391d0e17b5b9b07e4fb6ac2d13998c46commit | diff
fix MITKRB5-SA-2005-001 telnet client vuln

* telnet.c (slc_add_reply, slc_end_reply): Fix buffer overflow
vulnerability by checking lengths.
(env_opt_add): Ensure buffer allocation is sufficiently large,
accounting for expansion during IAC quoting.

ticket: new
tags: pullup
version_reported: 1.4
target_version: 1.4.1
component: telnet

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17162 dc483132-0cff-0310-8789-dd5450dbe970
src/appl/telnet/telnet/ChangeLog diff | blob | history
src/appl/telnet/telnet/telnet.c diff | blob | history
MIT implementation of the Kerberos network authentication protocol. This repo may be rebased, so don't base your work on it. Use git://github.com/krb5/krb5 instead.