PT-2008-1805 · Seattlelab · Slnet Rf Telnet Server
Luigi Auriemma
·
Publicado
2008-01-09
·
Atualizado
2011-09-21
·
CVE-2008-0152
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
SeattleLab SLNet RF Telnet Server versions 4.1.1.3758 and earlier
Description
The issue allows remote attackers to cause a denial of service, resulting in a crash, via unspecified telnet options. This is achieved by triggering a NULL pointer dereference. It is noted that when the server is running in debug mode, the crash does not require user assistance.
Recommendations
For SeattleLab SLNet RF Telnet Server versions 4.1.1.3758 and earlier, consider disabling the telnet options that trigger the NULL pointer dereference as a temporary workaround until a patch is available. Restrict access to the server when it is running in debug mode to minimize the risk of exploitation.
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Slnet Rf Telnet Server