Debian Security Advisory DSA 765-1 - A buffer overflow was discovered in the handling of the LINEMODE suboptions in telnet clients. Heimdal, a free implementation of Kerberos 5, also contains such a client. This can lead to the execution of arbitrary code when connected to a malicious server.
b7baf9fd1de6d686f58aaba35950d80f6e018eae34e768acc7cda018e5fabe46
Gentoo Linux Security Advisory GLSA 200504-28 - Buffer overflow vulnerabilities in the slc_add_reply() and env_opt_add() functions have been discovered by Gael Delalleau in the telnet client in Heimdal. Versions less than 0.6.4 are affected.
8f9785ac0de012dcf5e162da16f150a5a3fc8423a3b5bf8c8f0c7332c37b590a
SCO Security Advisory - Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands.
47e004e77d661de8734283de6bd87cbb7957bfb833df1fdc601dad8e564ad138
Gentoo Linux Security Advisory GLSA 200504-04 - A buffer overflow has been identified in the env_opt_add() function, where a response requiring excessive escaping can cause a heap-based buffer overflow. Another issue has been identified in the slc_add_reply() function, where a large number of SLC commands can overflow a fixed size buffer. Versions less than 1.3.6-r2 are affected.
f7217e2ad04e61a5c5b3356d23794f6432906bf4faad357820a6f61c4c363c80
Debian Security Advisory 703-1 - Several problems have been discovered in telnet clients that could be exploited by malicious daemons the client connects to.
1ac05e13e0e9da51cc975b5afcfe0deb017a7fea3c67f4ae413519a3f368e36d
Gentoo Linux Security Advisory GLSA 200504-01 - A buffer overflow has been identified in the env_opt_add() function of telnet-bsd, where a response requiring excessive escaping can cause a heap-based buffer overflow. Another issue has been identified in the slc_add_reply() function, where a large number of SLC commands can overflow a fixed size buffer. Versions less than 1.0-r1 are affected.
8bcffc55a21a03c699efde904973c6c98e6c6c72680e822371928de3faa85894
Gentoo Linux Security Advisory GLSA 200503-36 - A buffer overflow has been identified in the slc_add_reply() function of netkit-telnetd client, where a large number of SLC commands can overflow a fixed size buffer. Versions less than 0.17-r6 are affected.
1868fcdcf2f0bfbda08529e6d74101e0bc273dab98c9b392c2cfd74dac5431f6
iDEFENSE Security Advisory 03.28.05 - Remote exploitation of an buffer overflow vulnerability error in multiple telnet clients may allow execution of arbitrary commands. The vulnerability specifically exists in the handling of the LINEMODE suboptions, in that there is no size check made on the output, which is stored in a fixed length buffer. iDEFENSE has confirmed the existence of the vulnerability in the telnet client included in the Kerberos V5 Release 1.3.6 package and the client included in the SUNWtnetc package of Solaris 5.9. It is suspected that most BSD based telnet clients are affected by this vulnerability.
9a3b7b73eb08fc8817b92e7dac30a75b72f3c015d5bbd074dbfb8f930414a6f2