vulnerability
FreeBSD: VID-E00304D2-BBED-11E6-B1CF-14DAE9D210B8 (CVE-2016-1888): FreeBSD -- Possible login(1) argument injection in telnetd(8)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:P/A:N) | Dec 6, 2016 | Dec 9, 2016 | May 7, 2019 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:P/A:N)
Published
Dec 6, 2016
Added
Dec 9, 2016
Modified
May 7, 2019
Description
The telnetd service in FreeBSD 9.3, 10.1, 10.2, 10.3, and 11.0 allows remote attackers to inject arguments to login and bypass authentication via vectors involving a "sequence of memory allocation failures."
Solution(s)
freebsd-upgrade-base-10_1-release-p43freebsd-upgrade-base-10_2-release-p26freebsd-upgrade-base-10_3-release-p13freebsd-upgrade-base-11_0-release-p4freebsd-upgrade-base-9_3-release-p51
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.