NetBSD talkd Inbound Message Overflow

2002-10-08T00:00:00
ID OSVDB:7564
Type osvdb
Reporter OSVDB
Modified 2002-10-08T00:00:00

Description

Vulnerability Description

A remote overflow exists in the talk daemon on NetBSD. The talk daemon fails to check the length of incoming messages, resulting in a buffer overflow. With a specially crafted request, an attacker can cause execution of arbitrary code, resulting in a loss of confidentiality, integrity, and/or availability.

Solution Description

Upgrade to version 1.6.1 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by applying the vendor-supplied patch.

Short Description

A remote overflow exists in the talk daemon on NetBSD. The talk daemon fails to check the length of incoming messages, resulting in a buffer overflow. With a specially crafted request, an attacker can cause execution of arbitrary code, resulting in a loss of confidentiality, integrity, and/or availability.

References:

Vendor Specific Advisory URL ISS X-Force ID: 10303 CVE-2002-1194 Bugtraq ID: 5910