Severity: Unknown
Affected Package: telnet
Summary: Buffer overflows in the telnet client
A stack-based overflow is present in the handling of environment variables when connecting via the telnet(1) client to remote telnet servers. The overflow may be triggered when connecting to a malicious server or by an attacker in the network path, and specially crafted TELNET command sequences may cause execution of arbitrary code with the privileges of the user invoking telnet. Only the client is affected; inbound sessions to telnetd are not.
No specific recommendations provided.
Aliases: CVE-2019-0053
Published: July 24, 2019
Last Modified: July 24, 2019