CVE-2004-0640

Description

Format string vulnerability in the SSL_set_verify function in telnetd.c for SSLtelnet daemon (SSLtelnetd) 0.13 allows remote attackers to execute arbitrary code.

Affected products

• netkit / linux_netkit0.17 – 0.17
• netkit / linux_netkit0.17.17 – 0.17.17
• ssltelnetd / secure_telnet0.13.1 – 0.13.1

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/16653
• MISChttp://www.idefense.com/application/poi/display?id=114&type=vulnerabilities
• VENDOR_ADVISORYhttp://www.debian.org/security/2004/dsa-529