3 matches found
CVE-2009-0641
CVE-2009-0641 affects FreeBSD telnetd (sys_term.c) in 7.0-RELEASE and other 7.x releases. The vulnerability stems from environment-variable handling where dangerous vars were not scrubbed using a method valid only in older FreeBSD distributions, enabling remote attackers to execute arbitrary code...
FreeBSD telnetd sys_term.c Environment Variable Handling Privilege Escalation (FreeBSD-SA-09:05)
A flaw in the environment-handling code used by the telnet server running on the remote host fails to scrub the environment of variables such as 'LDPRELOAD' before calling the login program. An attacker who can place an arbitrary library on the remote host, either as a local user or remotely...
CVE-2009-0641
creationtimestamp| type| source ---|---|--- 2009-02-16 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/8055...