vulnerability
FreeBSD: VID-39f6cbff-b30a-11e9-a87f-a4badb2f4699 (CVE-2019-0053): FreeBSD -- telnet(1) client multiple vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:N/C:P/I:P/A:P) | Jul 30, 2019 | Jul 31, 2019 | Dec 10, 2025 |
Severity
5
CVSS
(AV:L/AC:L/Au:N/C:P/I:P/A:P)
Published
Jul 30, 2019
Added
Jul 31, 2019
Modified
Dec 10, 2025
Description
Problem Description: Insufficient validation of environment variables in the telnet client supplied in FreeBSD can lead to stack-based buffer overflows. A stack- based overflow is present in the handling of environment variables when connecting via the telnet client to remote telnet servers. This issue only affects the telnet client. Inbound telnet sessions to telnetd(8) are not affected by this issue. Impact: These buffer overflows may be triggered when connecting to a malicious server, or by an active attacker in the network path between the client and server. Specially crafted TELNET command sequences may cause the execution of arbitrary code with the privileges of the user invoking telnet(1).
Solutions
freebsd-upgrade-base-12_0-release-p8freebsd-upgrade-base-11_2-release-p12freebsd-upgrade-base-11_3-release-p1
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.