Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2011-4862

Опубликовано: 25 дек. 2011
Источник: nvd
CVSS2: 10
EPSS Критический

Описание

Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:gnu:inetutils:*:*:*:*:*:*:*:*
Версия до 1.9 (исключая)
cpe:2.3:a:heimdal_project:heimdal:*:*:*:*:*:*:*:*
Версия до 1.5.1 (включая)
cpe:2.3:a:mit:krb5-appl:*:*:*:*:*:*:*:*
Версия до 1.0.2 (включая)
cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
Версия от 7.3 (включая) до 9.0 (включая)
Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:15:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
Конфигурация 4

Одно из

cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp2:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:-:vmware:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp1:*:*:*:*:*:*

EPSS

Процентиль: 100%
0.92585
Критический

10 Critical

CVSS2

Дефекты

CWE-120

Связанные уязвимости

ubuntu логотип

CVE-2011-4862

ubuntu
больше 13 лет назад

Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.

redhat логотип

CVE-2011-4862

redhat
больше 13 лет назад

Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.

debian логотип

CVE-2011-4862

debian
больше 13 лет назад

Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 throu ...

github логотип

GHSA-x8cr-m6vm-pqh4

github
больше 3 лет назад

Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.

oracle-oval логотип

ELSA-2011-1852

oracle-oval
больше 13 лет назад

ELSA-2011-1852: krb5-appl security update (CRITICAL)

EPSS

Процентиль: 100%
0.92585
Критический

10 Critical

CVSS2

Дефекты

CWE-120