---------------------------------------------------------------------Fedora Update Notification
FEDORA-2005-274
2005-03-30
---------------------------------------------------------------------Product     : Fedora Core 3
Name        : telnet
Version     : 0.17
Release     : 32.FC3.2
Summary     : The client program for the telnet remote login protocol.
Description :
Telnet is a popular protocol for logging into remote systems over the
Internet. The telnet package provides a command line telnet client.

---------------------------------------------------------------------Update Information:

Two buffer overflow flaws were discovered in the way the telnet client
handles messages from a server. An attacker may be able to execute
arbitrary code on a victim's machine if the victim can be tricked into
connecting to a malicious telnet server. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the names CAN-2005-0468
and CAN-2005-0469 to these issues.


Red Hat would like to thank iDEFENSE for their responsible disclosure of
this issue.
---------------------------------------------------------------------* Thu Mar 17 2005 Harald Hoyer  - 1:0.17-32.FC3.2

- fixed CAN-2005-468 and CAN-2005-469

* Thu Jan 13 2005 Jason Vas Dias  - 1:0.17-31

- bug 143929 / 145004 : fix race condition in telnetd on wtmp lock
- when cleanup() is entered from main process and in signal
- handler


---------------------------------------------------------------------This update can be downloaded from:
   
89834e05dfaaf87030241f12a8d43622  SRPMS/telnet-0.17-32.FC3.2.src.rpm
9ffe815c3d82132847f6f243662d8689  x86_64/telnet-0.17-32.FC3.2.x86_64.rpm
70c70de3253e43c621e1bd753ad85ac8  x86_64/telnet-server-0.17-32.FC3.2.x86_64.rpm
299a0a1ddc2f575b14509757a8e352fa  x86_64/debug/telnet-debuginfo-0.17-32.FC3.2.x86_64.rpm
317a655b172288cfc0615b1a06fd2e07  i386/telnet-0.17-32.FC3.2.i386.rpm
a51075465fe35429b26f83df4e1888b5  i386/telnet-server-0.17-32.FC3.2.i386.rpm
0f90b3b223e4a5286882f29d2ddc39dc  i386/debug/telnet-debuginfo-0.17-32.FC3.2.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
-----------------------------------------------------------------------fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list

Fedora Core 3 Update: telnet-0.17-32.FC3.2

March 30, 2005
Two buffer overflow flaws were discovered in the way the telnet client handles messages from a server

Summary

Telnet is a popular protocol for logging into remote systems over the

Internet. The telnet package provides a command line telnet client.

Two buffer overflow flaws were discovered in the way the telnet client

handles messages from a server. An attacker may be able to execute

arbitrary code on a victim's machine if the victim can be tricked into

connecting to a malicious telnet server. The Common Vulnerabilities and

Exposures project (cve.mitre.org) has assigned the names CAN-2005-0468

and CAN-2005-0469 to these issues.

Red Hat would like to thank iDEFENSE for their responsible disclosure of

this issue.

- fixed CAN-2005-468 and CAN-2005-469

* Thu Jan 13 2005 Jason Vas Dias - 1:0.17-31

- bug 143929 / 145004 : fix race condition in telnetd on wtmp lock

- when cleanup() is entered from main process and in signal

- handler

89834e05dfaaf87030241f12a8d43622 SRPMS/telnet-0.17-32.FC3.2.src.rpm

9ffe815c3d82132847f6f243662d8689 x86_64/telnet-0.17-32.FC3.2.x86_64.rpm

70c70de3253e43c621e1bd753ad85ac8 x86_64/telnet-server-0.17-32.FC3.2.x86_64.rpm

299a0a1ddc2f575b14509757a8e352fa x86_64/debug/telnet-debuginfo-0.17-32.FC3.2.x86_64.rpm

317a655b172288cfc0615b1a06fd2e07 i386/telnet-0.17-32.FC3.2.i386.rpm

a51075465fe35429b26f83df4e1888b5 i386/telnet-server-0.17-32.FC3.2.i386.rpm

0f90b3b223e4a5286882f29d2ddc39dc i386/debug/telnet-debuginfo-0.17-32.FC3.2.i386.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

fedora-announce-list@redhat.com

http://www.redhat.com/mailman/listinfo/fedora-announce-list

FEDORA-2005-274 2005-03-30 Name : telnet Version : 0.17 Release : 32.FC3.2 Summary : The client program for the telnet remote login protocol. Description : Telnet is a popular protocol for logging into remote systems over the Internet. The telnet package provides a command line telnet client. Two buffer overflow flaws were discovered in the way the telnet client handles messages from a server. An attacker may be able to execute arbitrary code on a victim's machine if the victim can be tricked into connecting to a malicious telnet server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-0468 and CAN-2005-0469 to these issues. Red Hat would like to thank iDEFENSE for their responsible disclosure of this issue. - fixed CAN-2005-468 and CAN-2005-469 * Thu Jan 13 2005 Jason Vas Dias - 1:0.17-31 - bug 143929 / 145004 : fix race condition in telnetd on wtmp lock - when cleanup() is entered from main process and in signal - handler 89834e05dfaaf87030241f12a8d43622 SRPMS/telnet-0.17-32.FC3.2.src.rpm 9ffe815c3d82132847f6f243662d8689 x86_64/telnet-0.17-32.FC3.2.x86_64.rpm 70c70de3253e43c621e1bd753ad85ac8 x86_64/telnet-server-0.17-32.FC3.2.x86_64.rpm 299a0a1ddc2f575b14509757a8e352fa x86_64/debug/telnet-debuginfo-0.17-32.FC3.2.x86_64.rpm 317a655b172288cfc0615b1a06fd2e07 i386/telnet-0.17-32.FC3.2.i386.rpm a51075465fe35429b26f83df4e1888b5 i386/telnet-server-0.17-32.FC3.2.i386.rpm 0f90b3b223e4a5286882f29d2ddc39dc i386/debug/telnet-debuginfo-0.17-32.FC3.2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. fedora-announce-list@redhat.com http://www.redhat.com/mailman/listinfo/fedora-announce-list

Change Log

References

Update Instructions

Severity
Name : telnet
Version : 0.17
Release : 32.FC3.2
Summary : The client program for the telnet remote login protocol.

Related News

24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved