FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- telnet(1) client multiple vulnerabilities

Affected packages
12.0 <= FreeBSD < 12.0_8
11.2 <= FreeBSD < 11.2_12
11.3 <= FreeBSD < 11.3_1

Details

VuXML ID 39f6cbff-b30a-11e9-a87f-a4badb2f4699
Discovery 2019-07-24
Entry 2019-07-30

Problem Description:

Insufficient validation of environment variables in the telnet client supplied in FreeBSD can lead to stack-based buffer overflows. A stack- based overflow is present in the handling of environment variables when connecting via the telnet client to remote telnet servers.

This issue only affects the telnet client. Inbound telnet sessions to telnetd(8) are not affected by this issue.

Impact:

These buffer overflows may be triggered when connecting to a malicious server, or by an active attacker in the network path between the client and server. Specially crafted TELNET command sequences may cause the execution of arbitrary code with the privileges of the user invoking telnet(1).

References

CVE Name CVE-2019-0053
FreeBSD Advisory SA-19:12.telnet