FreeBSD -- Possible login(1) argument injection in telnetd(8)
An unexpected sequence of memory allocation failures
combined with insufficient error checking could result in
the construction and execution of an argument sequence that
was not intended.
An attacker who controls the sequence of memory allocation
failures and success may cause login(1) to run without
authentication and may be able to cause misbehavior of
No practical way of controlling these memory allocation
failures is known at this time.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright