IRIX telnetd Environment Variable Format String

2000-08-14T00:00:00
ID OSVDB:1511
Type osvdb
Reporter OSVDB
Modified 2000-08-14T00:00:00

Description

Vulnerability Description

Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request.

Short Description

Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request.

References:

CVE-2000-0733 Bugtraq ID: 1572