Buffer overflows in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to execute arbitrary code via (1) a long DNS hostname that is determined using reverse DNS lookups, (2) a long AUTH string, or (3) certain data in the xtell request.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Xtell | Xtell | 1.91.1 (including) | 1.91.1 (including) |
| Xtell | Xtell | 2.6.1 (including) | 2.6.1 (including) |
References
- http://marc.info/?l=bugtraq\u0026m=101494896516467\u0026w=2
- http://www.debian.org/security/2002/dsa-121
- http://www.iss.net/security_center/static/8312.php
- http://www.securityfocus.com/bid/4193
- http://marc.info/?l=bugtraq\u0026m=101494896516467\u0026w=2
- http://www.debian.org/security/2002/dsa-121
- http://www.iss.net/security_center/static/8312.php
- http://www.securityfocus.com/bid/4193