-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

##
## Patch description of patch b1e64e238134069ad4b3519f91102157
##

Kind: security

Shortdescription.english:  Security update for telnet

Longdescription.english:

   Applies to

   Package: telnet
   Product(s):

   Release: 20050228
   Obsoletes: none

  Indications

   Everyone still using the telnet client should update.

  Contraindications

   None.

  Problem description

   CAN-2005-0469: This update fixes several vulnerabilities in
   the telnet client. A buffer overflow in the LINEMODE
   suboption command SLC can be exploited by a malicious server
   to execute arbitrary code on the client site with the
   privileges of the user running telnet.

   CAN-2005-0468: Another buffer overflow can be exploited
   remotely via a malicious server by sending environment
   variables to the client. The result of this bug is arbitrary
   code execution too.

   Note that this bug can also be exploited by clicking on a
   URL link that uses telnet:// as protocol and points to a
   server controlled by an attacker.

  Solution

   Please install the updates provided at the location noted
   below.

  Installation notes

   This update is provided as an RPM package that can easily be
   installed onto a running system by using this command:
rpm -Fvh telnet.rpm
Hsilgne.noitpircsedgnol:

Size: 46


MinYaST1Version:
MinYaST2Version:
UpdateOnlyInstalled: true

Packages:
##
## -----> telnet <-----
##
Filename: telnet.rpm
Label: Client program for the telnet remote login protocol
Series: i586
Size: 83781 47690
PatchRpmBasedOn: 1.0-306
PatchRpmSize: 83781 34114
Buildtime: 1109346542
DepAND:
DepOR:
DepExcl:
Flag:
Category:
RpmGroup: Productivity/Networking/Other
Copyright: BSD
AuthorName: 
AuthorAddress:
Version: 1.0-526
StartCommand:
Obsoletes:
Requires: netcfg ld-linux.so.2 libc.so.6 libc.so.6(GLIBC_2.0) libc.so.6(GLIBC_2.1) libncurses.so.5 rpmlib(PayloadIsBzip2) <= 3.0.5-1
Provides: nkitb:/usr/bin/telnet
Segakcap:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFCSV98qE7a6JyACsoRAoPoAJ0ch4Je02VDjlHPJ4vr+WL5mf9N5ACf
YnPWk6hcNsCnk2fNmTQLf2195Ww=
=DgAF
-----END PGP SIGNATURE-----