Date: Wed, 30 Jun 2004 19:05:48 -0400 From: "vendor-disclosure" <vendor-disclosure@idefense.com> To: <ports@FreeBSD.org>, <security-officer@FreeBSD.org> Cc: vendor-disclosure <vendor-disclosure@idefense.com> Subject: iDEFENSE Security Advisory - SSLTelnet Remote Format String Vulnerability Message-ID: <FB24803D1DF2A34FA59FC157B77C970502D684B7@idserv04.idef.com>
iDEFENSE has identified a format string vulnerability in SSLTelnet. This vulnerability was submitted to iDEFENSE through our Vulnerability Contributor Program (http://www.idefense.com/poi/teams/vcp.jsp). iDEFENSE Labs has validated this vulnerability and has drafted the attached advisory.

In accordance with our vendor disclosure policy (http://www.idefense.com/legal_disclosure.jsp) we would request that you acknowledge receipt of this initial notification within five business days so that we may begin the process of coordinating an appropriate public disclosure date for this issue that will provide your company with adequate time to develop a patch or workaround to mitigate this vulnerability.

If you have questions regarding this issue or require further details to assist with your own analysis, please do not hesitate to contact us.

Regards,

Michael Sutton

Michael Sutton, CA, CISA
Director, iDEFENSE Labs
iDEFENSE
1875 Campus Commons Drive, Suite 210
Reston, VA 20191
direct: 703.480.5628
voice: 703.390.1230
fax: 703.390.9456
msutton@idefense.com
www.idefense.com

[Attachment: pub_SSLTelnet Remote Format String Vulnerability.txt]

SSLTelnet Remote Format String Vulnerability

iDEFENSE Security Advisory 06.24.04
www.idefense.com/application/poi/display?<insert args here>
June 24, 2004

I. BACKGROUND

SSLtelnetd is a replacement for telnetd available as part of the FreeBSD ports collection at http://www.freebsd.org/ports/security.html. It implements the telnet protocol over SSL, as the name suggests.

II. DESCRIPTION

SSLtelnet contains a format string vulnerability that could allow remote code execution.

On line 530 of telnetd.c, syslog() is called with a non-constant format string. The log message is first built into errbuf with sprintf(), and errbuf itself is then passed as the format argument, so any conversion specifiers contained in the OpenSSL error text are interpreted by syslog() rather than logged literally. The same errbuf is also passed as the format argument of BIO_printf().

    SSL_set_verify(ssl_con,ssl_verify_flag,NULL);

            if (SSL_accept(ssl_con) <= 0) {
                static char errbuf[1024];

                /* the OpenSSL error text is embedded into errbuf */
                sprintf(errbuf,"SSL_accept error %s\n",
                ERR_error_string(ERR_get_error(),NULL));

                syslog(LOG_WARNING, errbuf);  // vulnerable call: errbuf is the format string

                BIO_printf(bio_err,errbuf);   // same pattern: errbuf is again used as a format string

                /* go to sleep to make sure we are noticed */
                sleep(10);
                SSL_free(ssl_con);

                _exit(1);
            } else {
                ssl_active_flag=1;
            }
        }

III. ANALYSIS

This vulnerability could be remotely exploitable under certain conditions. In the code shown, the only variable content of errbuf is the text returned by ERR_error_string() for the failed handshake, so an attacker's influence over the format string is limited to what can be introduced into that error description. If exploitation is successful, gaining root access is possible as the process runs as root.

IV. DETECTION

iDEFENSE has confirmed the existence of this vulnerability against the current SSLTelnet version, 0.13-1.

V. WORKAROUND

iDEFENSE is currently unaware of any workarounds for this issue.

VI. VENDOR RESPONSE

TBD

VII. CVE INFORMATION

A Mitre Corp. Common Vulnerabilities and Exposures (CVE) number has not been assigned yet.

VIII. DISCLOSURE TIMELINE

04/03/2003   Vulnerability acquired by iDEFENSE
06/29/2004   Initial vendor notification

IX. CREDIT

An anonymous source is credited with this discovery.

Get paid for vulnerability research
http://www.idefense.com/poi/teams/vcp.jsp

Copyright (c) 2004 iDEFENSE, Inc.

Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDEFENSE. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please email customerservice@idefense.com for permission.

Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.
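The bug class the advisory describes, shown as an added example that is the editor's illustration and not SSLtelnet's or iDEFENSE's code. It reproduces the shape of the vulnerable snippet (pre-format the message into a buffer, then hand that buffer to a printf-family logger as the format) beside the hardened form (constant format, data as an argument), plus a small audit check for data that is about to be used as a format string. The names logger, log_accept_error_vulnerable, log_accept_error_fixed and count_format_directives are chosen here; syslog() is replaced by a stand-in that formats into a caller buffer so the two results can be compared, and the error strings are constructed inputs, not real OpenSSL error text. The demonstration uses "%%" so that it stays within defined behaviour; in the real bug a "%n" in the same position would write memory.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Stand-in for syslog(): formats into a caller-supplied buffer instead of the
 * system log. The format attribute lets gcc/clang -Wformat-security flag the
 * vulnerable call below, exactly as it would for syslog() itself. */
#if defined(__GNUC__)
__attribute__((format(printf, 3, 4)))
#endif
static void logger(char *out, size_t outlen, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(out, outlen, fmt, ap);
    va_end(ap);
}

/* Vulnerable shape from the advisory: the error text is embedded into errbuf,
 * and errbuf becomes the format string, so every '%' sequence in err_text is
 * interpreted by the logger. (snprintf stands in for the original sprintf.) */
void log_accept_error_vulnerable(char *out, size_t outlen, const char *err_text)
{
    static char errbuf[1024];
    snprintf(errbuf, sizeof errbuf, "SSL_accept error %s\n", err_text);
    logger(out, outlen, errbuf);            /* errbuf is the format string */
}

/* Hardened form: the format is a constant and the error text is an argument,
 * so it is copied verbatim whatever characters it contains. */
void log_accept_error_fixed(char *out, size_t outlen, const char *err_text)
{
    logger(out, outlen, "SSL_accept error %s\n", err_text);
}

/* Audit check for a string that is about to be used as a format: counts the
 * conversion directives it contains. "%%" is a literal percent sign and is not
 * counted. Any non-zero result means the string must not be passed as a format. */
int count_format_directives(const char *s)
{
    int n = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') {      /* escaped percent, skip both characters */
            s++;
            continue;
        }
        n++;
    }
    return n;
}

int main(void)
{
    /* Constructed inputs: no real OpenSSL error string looks like these. */
    const char *tricky  = "peer error 100%% bogus";
    const char *hostile = "%08x.%08x.%n";
    char out[256];

    log_accept_error_vulnerable(out, sizeof out, tricky);
    printf("vulnerable: %s", out);          /* the "%%" collapses to "%" */
    log_accept_error_fixed(out, sizeof out, tricky);
    printf("fixed:      %s", out);          /* the "%%" survives verbatim */
    printf("directives in hostile input: %d\n", count_format_directives(hostile));
    return 0;
}
```

Building with `-Wformat -Wformat-security` reports the call in log_accept_error_vulnerable as "format not a string literal and no format arguments"; the same flags catch the syslog() and BIO_printf() calls in telnetd.c, which is the cheapest way to find further instances across a code base.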