TELNET: Absolute Telnet Buffer Overflow
This signature detects attempts to exploit a known vulnerability against Absolute Telnet client 2.0.0. Attackers can use a malicious Telnet server to overflow the buffer and execute arbitrary commands with permissions of the user that initiated the connection.
Extended Description
A buffer overflow vulnerability was reported for AbsoluteTelnet. The vulnerability exists due to insufficient bounds checking performed when setting the title bar of the client. An attacker can exploit this vulnerability by enticing a victim user to view a website with malicious HTML tags. This will cause the buffer overflow condition. Code execution may be possible.
Affected Products
Celestial_software absolutetelnet
Short Name
TELNET:OVERFLOW:ABSOLUTE-UK2-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
TELNET
Keywords
Absolute Buffer CVE-2003-1090 Overflow Telnet bid:6785
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Celestial_software
CVSS Score
10.0