TELNET: FreeBSD telnetd Buffer Overflow Check
This signature detects attempts to exploit a known vulnerability against TELNET daemon. FreeBSD 4.3, NetBSD 1.5, and BSDI 4.1 are vulnerable. Attackers who can determine if a TELNET server is vulnerable, can create a denial-of-service condition or execute arbitrary code on the affected system.
Extended Description
A boundary condition error exists in telnet daemons derived from the BSD telnet daemon. Under certain circumstances, the buffer overflow can occur when a combination of telnet protocol options are received by the daemon. The function responsible for processing the options prepares a response within a fixed sized buffer, without performing any bounds checking. This vulnerability is now being actively exploited. A worm is known to be circulating around the Internet.
Affected Products
Cisco catalyst_5000,Openbsd openbsd
Short Name
TELNET:OVERFLOW:YBSD-OF-CHECK
Severity
Major
Recommended
False
Recommended Action
Drop
Category
TELNET
Keywords
Buffer CVE-2001-0554 Check FreeBSD Overflow bid:3064 telnetd
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
False Positive
Unknown
Vendors
Sco
Cisco
Ibm
Netkit
Hp
Debian
Sgi
Freebsd
Sun
Bsd
Openbsd
Netbsd
Mit
CVSS Score
10.0