SSLTelnetd Remote Syslog Format String Vulnerability

Bugtraq ID:	10684
Class:	Design Error
CVE:	CVE-2004-0640
Remote:	Yes
Local:	No
Published:	Jul 09 2004 12:00AM
Updated:	Jul 12 2009 06:16AM
Credit:	The individual responsible for disclosure of this issue is currently unknown; this issue was disclosed in the referenced iDEFENSE security advisory. b0f is credited with discovering this issue in netkit-telnet-ssl.
Vulnerable:	SSLtelnetd Secure Telnet 0.13 -1 Netkit Linux Netkit 0.17.17 + Debian Linux 3.0 sparc + Debian Linux 3.0 s/390 + Debian Linux 3.0 ppc + Debian Linux 3.0 mipsel + Debian Linux 3.0 mips + Debian Linux 3.0 m68k + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 hppa + Debian Linux 3.0 arm + Debian Linux 3.0 alpha Netkit Linux Netkit 0.17 + Caldera OpenLinux 2.4 + Caldera OpenLinux 2.3 + Debian Linux 3.0 sparc + Debian Linux 3.0 s/390 + Debian Linux 3.0 ppc + Debian Linux 3.0 mipsel + Debian Linux 3.0 mips + Debian Linux 3.0 m68k + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 hppa + Debian Linux 3.0 arm + Debian Linux 3.0 alpha + Debian Linux 3.0 + Gentoo Linux + Red Hat Enterprise Linux AS 4 + Red Hat Enterprise Linux AS 3 + Red Hat Enterprise Linux AS 2.1 IA64 + Red Hat Enterprise Linux AS 2.1 + RedHat Desktop 4.0 + RedHat Desktop 3.0 + RedHat Enterprise Linux ES 4 + RedHat Enterprise Linux ES 3 + RedHat Enterprise Linux ES 2.1 IA64 + RedHat Enterprise Linux ES 2.1 + RedHat Enterprise Linux WS 4 + RedHat Enterprise Linux WS 3 + RedHat Enterprise Linux WS 2.1 IA64 + RedHat Enterprise Linux WS 2.1 + RedHat Linux 7.1 i386 + RedHat Linux 7.1 alpha + RedHat Linux 7.1 + RedHat Linux 7.0 sparc + RedHat Linux 7.0 i386 + RedHat Linux 7.0 alpha + RedHat Linux 7.0 + SCO eDesktop 2.4 + SCO eServer 2.3.1 + Sun Solaris 9_x86 Update 2 + Sun Solaris 9_x86 + Sun Solaris 9 + Sun Solaris 8_x86 + Sun Solaris 8_sparc + Sun Solaris 7.0_x86 + Sun Solaris 7.0 + Sun Solaris 10 + Ubuntu Ubuntu Linux 4.1 ppc + Ubuntu Ubuntu Linux 4.1 ia64 + Ubuntu Ubuntu Linux 4.1 ia32

Not Vulnerable: