CVE-2011-4862

🗓️ 25 Dec 2011 01:00:00Reported by freebsdType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 418 Views🌐 WEB

Buffer overflow in telnetd in FreeBSD 7.3-9.0 & other products allows remote code execution

Reporter	Title	Published	Views	Family All 164
0day.today	FreeBSD Telnet Service Encryption Key ID Buffer Overflow	14 Jan 201200:00	–	zdt
0day.today	Linux BSD-derived Telnet Service Encryption Key ID Buffer Overflow	14 Jan 201200:00	–	zdt
0day.today	Cisco Ironport WSA telnetd Remote Code Execution Vulnerability	24 Oct 201400:00	–	zdt
FreeBSD	krb5-appl -- telnetd code execution vulnerability	23 Dec 201100:00	–	freebsd
BDU FSTEC	Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the SUSE Linux Enterprise operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the SUSE Linux Enterprise operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the OpenSUSE operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the OpenSUSE operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.	28 Apr 201500:00	–	bdu_fstec

NVD

Node

gnu inetutilsRange<1.9

heimdal_project heimdalRange≤1.5.1

mit krb5-applRange≤1.0.2

freebsd freebsdRange7.3–9.0

Node

fedoraproject fedoraMatch15

fedoraproject fedoraMatch16

Node

debian debian_linuxMatch5.0

debian debian_linuxMatch6.0

debian debian_linuxMatch7.0

Node

opensuse opensuseMatch11.3

opensuse opensuseMatch11.4

suse linux_enterprise_desktopMatch10sp4-

suse linux_enterprise_desktopMatch11sp1

suse linux_enterprise_serverMatch9

suse linux_enterprise_serverMatch10sp2

suse linux_enterprise_serverMatch10sp3ltss

suse linux_enterprise_serverMatch10sp4-

suse linux_enterprise_serverMatch11sp1-

suse linux_enterprise_serverMatch11sp1-vmware

suse linux_enterprise_software_development_kitMatch10sp4

suse linux_enterprise_software_development_kitMatch11sp1

Source	Link
redhat	www.redhat.com/support/errata/RHSA-2011-1853.html
lists	www.lists.opensuse.org/opensuse-security-announce/2012-01/msg00007.html
lists	www.lists.freebsd.org/pipermail/freebsd-security/2011-December/006117.html
mandriva	www.mandriva.com/security/advisories
secunia	www.secunia.com/advisories/47359
lists	www.lists.opensuse.org/opensuse-security-announce/2012-01/msg00015.html
lists	www.lists.opensuse.org/opensuse-security-announce/2012-01/msg00014.html
debian	www.debian.org/security/2011/dsa-2373
secunia	www.secunia.com/advisories/47373
lists	www.lists.fedoraproject.org/pipermail/package-announce/2012-January/071627.html

Parameter	Position	Path	Description	CWE
encryption key length	binary	security.freebsd.org/advisories/FreeBSD-SA-11:08.telnetd.asc	Overflow in telnetd encrypt.c allows remote code execution via long encryption key.	CWE-120
long encryption key	binary	security.freebsd.org/advisories/FreeBSD-SA-11:08.telnetd.asc	Overflow in telnetd encrypt.c allows remote code execution via long encryption key.	CWE-120

16 Jun 2026 23:35Current

7.3High risk

Vulners AI Score7.3

CVSS 210

EPSS0.95104

CWE-120