Severity: Unknown
Affected Package: telnetd
Summary: telnetd argument injection into login(1)
The telnet daemon passed unsanitized user-supplied data as arguments to login(1), allowing a possible argument injection. A remote attacker could potentially influence the login invocation. Corrected in the 0.8.5 release along with a libc fix.
No specific recommendations provided.
Aliases: CVE-2016-1888
Published: December 13, 2016
Last Modified: December 13, 2016