A remotely exploitable buffer overflow vulnerability exists in AbsoluteTelnet. This vulnerability may allow a malicious server operator to execute arbitrary code on a vulnerable client.
AbsoluteTelnet is a terminal client. A remotely exploitable buffer overflow vulnerability exists in the code that sets the terminal titlebar. This vulnerability may allow a malicious server operator to execute arbitrary code. An exploit for this vulnerability is publicly available.
A malicious server operator may be able to execute arbitrary code on a host running AbsoluteTelnet.
Upgrade to AbsoluteTelnet version 2.12 RC10. For information on how to obtain 2.12 RC10, please see <http://www.celestialsoftware.net/telnet/beta_software.html>.
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Updated: February 07, 2003
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Please see <http://www.celestialsoftware.net/telnet/beta_software.html>.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Group | Score | Vector
Base | |
Temporal | |
Environmental | |
This vulnerability was discovered by Knud Erik Højgaard.
This document was written by Ian A Finlay.
CVE IDs: | None
Severity Metric: | 22.20
Date Public: | 2003-02-06
Date First Published: | 2003-02-07
Date Last Updated: | 2003-02-07 20:58 UTC
Document Revision: | 10