Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.
Published 2011-12-25 01:55:02
Updated 2021-02-09 14:48:38
Source FreeBSD
Vulnerability category: Overflow, Execute code

Threat overview for CVE-2011-4862

Top open port discovered on systems with this issue: 21
IPs affected by CVE-2011-4862: 749,410
Threat actors abusing this issue? Yes

Exploit prediction scoring system (EPSS) score for CVE-2011-4862

EPSS score: 96.94% (probability of exploitation activity in the next 30 days)
Percentile: ~100% (the proportion of vulnerabilities that are scored at or less)

Metasploit modules for CVE-2011-4862

  • Telnet Service Encryption Key ID Overflow Detection
    First seen: 2020-04-26
    auxiliary/scanner/telnet/telnet_encrypt_overflow
    Detect telnet services vulnerable to the encrypt option Key ID overflow (BSD-derived telnetd).
    Authors: Jaime Penalba Estebanez <jpenalbae@gmail.com>, hdm <x@hdm.io>
  • FreeBSD Telnet Service Encryption Key ID Buffer Overflow
    Disclosure Date: 2011-12-23
    First seen: 2020-04-26
    exploit/freebsd/telnet/telnet_encrypt_keyid
    This module exploits a buffer overflow in the encryption option handler of the FreeBSD telnet service.
    Authors: Jaime Penalba Estebanez <jpenalbae@gmail.com>, Brandon Perry <bperry.volatile@gmail.com>, Dan Rosenberg, hdm <x@hdm.io>
  • Linux BSD-derived Telnet Service Encryption Key ID Buffer Overflow
    Disclosure Date: 2011-12-23
    First seen: 2020-04-26
    exploit/linux/telnet/telnet_encrypt_keyid
    This module exploits a buffer overflow in the encryption option handler of the Linux BSD-derived telnet service (inetutils or krb5-telnet). Most Linux distributions use NetKit-derived telnet daemons, so this flaw only applies to a small subset of Linux systems runn

CVSS scores for CVE-2011-4862

Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
10.0 | HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C | 10.0 | 10.0 | NIST |

CWE ids for CVE-2011-4862

References for CVE-2011-4862

Products affected by CVE-2011-4862
