製品・ソフトウェアに関する情報

JVN脆弱性詳細

FreeBSD の telnetd の libtelnet/encrypt.c におけるバッファオーバーフローの脆弱性

タイトル	FreeBSD の telnetd の libtelnet/encrypt.c におけるバッファオーバーフローの脆弱性
概要	FreeBSD の telnetd の libtelnet/encrypt.c には、バッファオーバーフローの脆弱性が存在します。
想定される影響	第三者により、長い暗号鍵を使用して、任意のコードを実行される可能性があります。
対策	ベンダから正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
公表日	2011年12月23日0:00
登録日	2011年12月28日15:36
最終更新日	2012年4月16日16:45

CVSS2.0 : 危険
スコア	10
ベクター	AV:N/AC:L/Au:N/C:C/I:C/A:C

影響を受けるシステム

MIT Kerberos

Kerberos 5 (krb5-appl) 1.0.2 およびそれ以前

FreeBSD

FreeBSD 7.3 から 9.0

VMware

VMware ESX 3.5

VMware ESX 4.0

VMware ESX 4.1

Heimdal

Heimdal 1.5.1 およびそれ以前

CVE (情報セキュリティ共通脆弱性識別子)

No	名前	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2011-4862	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4862
National Vulnerability Database (NVD)
2	CVE-2011-4862	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4862
SECURITY BLOG
3	CVE-2011-4862 Buffer Overflow vulnerability in Telnet	https://blogs.oracle.com/sunsecurity/entry/cve_2011_4862_buffer_overflow

CWE (共通脆弱性タイプ一覧)

No	名前	URL
JVNDB
1	CWE-119	https://jvndb.jvn.jp/ja/cwe/CWE-119.html

ベンダー情報

No	名前	URL
Cisco Security Advisory
1	cisco-sa-20120126-ironport	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120126-ironport
FreeBSD
2	telnetd.patch	http://security.freebsd.org/patches/SA-11:08/telnetd.patch
FreeBSD Security Advisory
3	FreeBSD-SA-11:08.telnetd	http://security.freebsd.org/advisories/FreeBSD-SA-11:08.telnetd.asc
FreeBSD VuXML
4	krb5-appl -- telnetd code execution vulnerability	http://www.vuxml.org/freebsd/4ddc78dc-300a-11e1-a2aa-0016ce01e285.html
VMware Security Advisories
5	VMSA-2012-0006	http://www.vmware.com/security/advisories/VMSA-2012-0006.html
シスコセキュリティアドバイザリ
6	cisco-sa-20120126-ironport	http://www.cisco.com/cisco/web/support/JP/111/1110/1110167_cisco-sa-20120126-ironport-j.html

変更履歴

No	変更内容	変更日
0	[2011年12月28日] 掲載 [2012年04月04日] 影響を受けるシステム：VMware (VMSA-2012-0006) の情報を追加ベンダ情報：VMware (VMSA-2012-0006) を追加 [2012年04月16日] ベンダ情報：オラクル (CVE-2011-4862 Buffer Overflow vulnerability in Telnet) を追加 [2012年10月16日] ベンダ情報：シスコシステムズ (cisco-sa-20120126-ironport) を追加	2018年2月17日10:37

NVD脆弱性情報

CVE-2011-4862

概要	Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.
公表日	2011年12月25日10:55
登録日	2021年1月28日16:39
最終更新日	2024年11月21日10:33

影響を受けるソフトウェアの構成

構成1	以上	以下	より上	未満
cpe:2.3:a:mit:krb5-appl::::::::		1.0.2
cpe:2.3:o:freebsd:freebsd::::::::	7.3	9.0
cpe:2.3:a:heimdal_project:heimdal::::::::		1.5.1
cpe:2.3:a:gnu:inetutils::::::::				1.9

構成2	以上	以下	より上	未満
cpe:2.3:o:fedoraproject:fedora:16:::::::*
cpe:2.3:o:fedoraproject:fedora:15:::::::*

構成3	以上	以下	より上	未満
cpe:2.3:o:debian:debian_linux:5.0:::::::*
cpe:2.3:o:debian:debian_linux:7.0:::::::*
cpe:2.3:o:debian:debian_linux:6.0:::::::*

構成4	以上	以下	より上	未満
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1::::::
cpe:2.3:o:suse:linux_enterprise_server:9:::::::*
cpe:2.3:o:opensuse:opensuse:11.4:::::::*
cpe:2.3:o:opensuse:opensuse:11.3:::::::*
cpe:2.3:o:suse:linux_enterprise_server:10:sp2::::::
cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4::::::
cpe:2.3:o:suse:linux_enterprise_server:11:sp1::::-::*
cpe:2.3:o:suse:linux_enterprise_server:10:sp3:::ltss:::*
cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:::-:::*
cpe:2.3:o:suse:linux_enterprise_server:10:sp4:::-:::*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp1::::::
cpe:2.3:o:suse:linux_enterprise_server:11:sp1:::-:vmware::

関連情報、対策とツール

No	URL	タグ
1	http://archives.neohapsis.com/archives/bugtraq/2011-12/0172.html	Broken Link
2	http://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=665f1e73cdd9b38e2d2e11b8db9958a315935592	Patch Third Party Advisory
3	http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071627.html	Third Party Advisory
4	http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071640.html	Third Party Advisory
5	http://lists.freebsd.org/pipermail/freebsd-security/2011-December/006117.html	Vendor Advisory
6	http://lists.freebsd.org/pipermail/freebsd-security/2011-December/006118.html	Vendor Advisory
7	http://lists.freebsd.org/pipermail/freebsd-security/2011-December/006119.html	Vendor Advisory
8	http://lists.freebsd.org/pipermail/freebsd-security/2011-December/006120.html	Vendor Advisory
9	http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html	Mailing List Third Party Advisory
10	http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00004.html	Mailing List Third Party Advisory
11	http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00005.html	Mailing List Third Party Advisory
12	http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00007.html	Mailing List Third Party Advisory
13	http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html	Mailing List Third Party Advisory
14	http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00011.html	Mailing List Third Party Advisory
15	http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00014.html	Mailing List Third Party Advisory
16	http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00015.html	Mailing List Third Party Advisory
17	http://osvdb.org/78020	Broken Link
18	http://secunia.com/advisories/46239	Third Party Advisory
19	http://secunia.com/advisories/47341	Third Party Advisory
20	http://secunia.com/advisories/47348	Third Party Advisory
21	http://secunia.com/advisories/47357	Third Party Advisory
22	http://secunia.com/advisories/47359	Third Party Advisory
23	http://secunia.com/advisories/47373	Third Party Advisory
24	http://secunia.com/advisories/47374	Third Party Advisory
25	http://secunia.com/advisories/47397	Third Party Advisory
26	http://secunia.com/advisories/47399	Third Party Advisory
27	http://secunia.com/advisories/47441	Third Party Advisory
28	http://security.freebsd.org/advisories/FreeBSD-SA-11:08.telnetd.asc	Mitigation Vendor Advisory
29	http://security.freebsd.org/patches/SA-11:08/telnetd.patch	Patch Vendor Advisory
30	http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2011-008.txt	Patch Vendor Advisory
31	http://www.debian.org/security/2011/dsa-2372	Third Party Advisory
32	http://www.debian.org/security/2011/dsa-2373	Third Party Advisory
33	http://www.debian.org/security/2011/dsa-2375	Third Party Advisory
34	http://www.exploit-db.com/exploits/18280/	Exploit Third Party Advisory VDB Entry
35	http://www.mandriva.com/security/advisories?name=MDVSA-2011:195	Third Party Advisory
36	http://www.redhat.com/support/errata/RHSA-2011-1851.html	Third Party Advisory
37	http://www.redhat.com/support/errata/RHSA-2011-1852.html	Third Party Advisory
38	http://www.redhat.com/support/errata/RHSA-2011-1853.html	Third Party Advisory
39	http://www.redhat.com/support/errata/RHSA-2011-1854.html	Third Party Advisory
40	http://www.securitytracker.com/id?1026460	Third Party Advisory VDB Entry
41	http://www.securitytracker.com/id?1026463	Third Party Advisory VDB Entry
42	https://exchange.xforce.ibmcloud.com/vulnerabilities/71970	Third Party Advisory VDB Entry
43	http://archives.neohapsis.com/archives/bugtraq/2011-12/0172.html	Broken Link
44	https://exchange.xforce.ibmcloud.com/vulnerabilities/71970	Third Party Advisory VDB Entry
45	http://www.securitytracker.com/id?1026463	Third Party Advisory VDB Entry
46	http://www.securitytracker.com/id?1026460	Third Party Advisory VDB Entry
47	http://www.redhat.com/support/errata/RHSA-2011-1854.html	Third Party Advisory
48	http://www.redhat.com/support/errata/RHSA-2011-1853.html	Third Party Advisory
49	http://www.redhat.com/support/errata/RHSA-2011-1852.html	Third Party Advisory
50	http://www.redhat.com/support/errata/RHSA-2011-1851.html	Third Party Advisory
51	http://www.mandriva.com/security/advisories?name=MDVSA-2011:195	Third Party Advisory
52	http://www.exploit-db.com/exploits/18280/	Exploit Third Party Advisory VDB Entry
53	http://www.debian.org/security/2011/dsa-2375	Third Party Advisory
54	http://www.debian.org/security/2011/dsa-2373	Third Party Advisory
55	http://www.debian.org/security/2011/dsa-2372	Third Party Advisory
56	http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2011-008.txt	Patch Vendor Advisory
57	http://security.freebsd.org/patches/SA-11:08/telnetd.patch	Patch Vendor Advisory
58	http://security.freebsd.org/advisories/FreeBSD-SA-11:08.telnetd.asc	Mitigation Vendor Advisory
59	http://secunia.com/advisories/47441	Third Party Advisory
60	http://secunia.com/advisories/47399	Third Party Advisory
61	http://secunia.com/advisories/47397	Third Party Advisory
62	http://secunia.com/advisories/47374	Third Party Advisory
63	http://secunia.com/advisories/47373	Third Party Advisory
64	http://secunia.com/advisories/47359	Third Party Advisory
65	http://secunia.com/advisories/47357	Third Party Advisory
66	http://secunia.com/advisories/47348	Third Party Advisory
67	http://secunia.com/advisories/47341	Third Party Advisory
68	http://secunia.com/advisories/46239	Third Party Advisory
69	http://osvdb.org/78020	Broken Link
70	http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00015.html	Mailing List Third Party Advisory
71	http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00014.html	Mailing List Third Party Advisory
72	http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00011.html	Mailing List Third Party Advisory
73	http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html	Mailing List Third Party Advisory
74	http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00007.html	Mailing List Third Party Advisory
75	http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00005.html	Mailing List Third Party Advisory
76	http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00004.html	Mailing List Third Party Advisory
77	http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html	Mailing List Third Party Advisory
78	http://lists.freebsd.org/pipermail/freebsd-security/2011-December/006120.html	Vendor Advisory
79	http://lists.freebsd.org/pipermail/freebsd-security/2011-December/006119.html	Vendor Advisory
80	http://lists.freebsd.org/pipermail/freebsd-security/2011-December/006118.html	Vendor Advisory
81	http://lists.freebsd.org/pipermail/freebsd-security/2011-December/006117.html	Vendor Advisory
82	http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071640.html	Third Party Advisory
83	http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071627.html	Third Party Advisory
84	http://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=665f1e73cdd9b38e2d2e11b8db9958a315935592	Patch Third Party Advisory

共通脆弱性一覧

No	CWE	名前	URL
1	CWE-120	古典的バッファオーバーフロー	https://cwe.mitre.org/data/definitions/120.html

構成4	以上	以下	より上	未満
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1::::::
cpe:2.3:o:suse:linux_enterprise_server:9:::::::*
cpe:2.3:o:opensuse:opensuse:11.4:::::::*
cpe:2.3:o:opensuse:opensuse:11.3:::::::*
cpe:2.3:o:suse:linux_enterprise_server:10:sp2::::::
cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp4::::::
cpe:2.3:o:suse:linux_enterprise_server:11:sp1::::-::*
cpe:2.3:o:suse:linux_enterprise_server:10:sp3:::ltss:::*
cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:::-:::*
cpe:2.3:o:suse:linux_enterprise_server:10:sp4:::-:::*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp1::::::
cpe:2.3:o:suse:linux_enterprise_server:11:sp1:::-:vmware::