Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Irix | Sgi | 6.5.6 | 6.5.6 |
Irix | Sgi | 6.0.1 | 6.0.1 |
Irix | Sgi | 5.3 | 5.3 |
Irix | Sgi | 6.0.1 | 6.0.1 |
Irix | Sgi | 6.5.3f | 6.5.3f |
Irix | Sgi | 6.5.1 | 6.5.1 |
Irix | Sgi | 6.1 | 6.1 |
Irix | Sgi | 6.4 | 6.4 |
Irix | Sgi | 6.5.2m | 6.5.2m |
Irix | Sgi | 6.5.3 | 6.5.3 |
Irix | Sgi | 6.5.3m | 6.5.3m |
Irix | Sgi | 6.5.8 | 6.5.8 |
Irix | Sgi | 5.2 | 5.2 |
Irix | Sgi | 6.5.4 | 6.5.4 |
Irix | Sgi | 6.0 | 6.0 |
Irix | Sgi | 6.3 | 6.3 |
Irix | Sgi | 6.5 | 6.5 |
Irix | Sgi | 6.5.7 | 6.5.7 |
Irix | Sgi | 5.3 | 5.3 |
Irix | Sgi | 6.2 | 6.2 |