CVE-2016-1888

The telnetd service in FreeBSD 9.3, 10.1, 10.2, 10.3, and 11.0 allows remote attackers to inject arguments to login and bypass authentication via vectors involving a "sequence of memory allocation failures."
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:freebsd:freebsd:9.3:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:10.1:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:10.2:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:10.3:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:*:*:*:*:*:*:*

History

21 Nov 2024, 02:47

Type Values Removed Values Added
References () http://www.securitytracker.com/id/1037399 - Third Party Advisory, VDB Entry () http://www.securitytracker.com/id/1037399 - Third Party Advisory, VDB Entry
References () https://www.freebsd.org/security/advisories/FreeBSD-SA-16:36.telnetd.asc - Vendor Advisory () https://www.freebsd.org/security/advisories/FreeBSD-SA-16:36.telnetd.asc - Vendor Advisory

Information

Published : 2017-02-15 15:59

Updated : 2024-11-21 02:47


NVD link : CVE-2016-1888

Mitre link : CVE-2016-1888

CVE.ORG link : CVE-2016-1888


JSON object : View

Products Affected

freebsd

  • freebsd
CWE
CWE-287

Improper Authentication