{"vuid":"VU#995038","idnumber":"995038","name":"Debian Linux Netkit telnetd-ssl contains a format string vulnerability","keywords":["telnetd-ssl","netkit","Debian Linux","format string","arbitrary code execution"],"overview":"Debian Linux Netkit telnetd-ssl contains a format string vulnerability that may allow a remote attacker to execute arbitrary code.","clean_desc":"An unspecified format string vulnerability in Debian Linux Netkit telnetd-ssl may allow a remote attacker to execute arbitrary code on a vulnerable system. According to public reports, exploitation occurs when telnetd-ssl attempts to process specially crafted SSL error messages. No further details are available at this time.","impact":"A remote attacker may be able to execute arbitrary code on a vulnerable system.","resolution":"Upgrade This problem has been addressed in Debian Linux version 0.17.17+0.1-2woody3 of the stable distribution (woody), and version 0.17.24+0.1-6 of the unstable distribution (sid). Please see the Debian Security Advisory DSA-616-1 for instructions on how to upgrade.","workarounds":"","sysaffected":"","thanks":"This vulnerability was reported by \nJoel Eriksson.","author":"This document was written by Jeff Gennari.","public":["http://secunia.com/advisories/13656/","http://www.debian.org/security/2004/dsa-616"],"cveids":["CVE-2004-0998"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2004-12-23T15:48:16Z","publicdate":"2004-12-23T00:00:00Z","datefirstpublished":"2005-01-13T21:33:38Z","dateupdated":"2005-02-01T21:10:47Z","revision":58,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"12","cam_exploitation":"0","cam_internetinfrastructure":"3","cam_population":"10","cam_impact":"17","cam_easeofexploitation":"9","cam_attackeraccessrequired":"10","cam_scorecurrent":"4.303125","cam_scorecurrentwidelyknown":"6.598125","cam_scorecurrentwidelyknownexploited":"12.335625","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":4.303125,"vulnote":null}