|
Multiple Vendor talkd(8) Vulnerability
The program talk is used to provide a two-way screen-oriented conversation between users. The talkd daemon is used to notify a user that another users wishes to establish a chat session. As part of this process, talkd must perform a name lookup of the initiating host. Due to a buffer overflow condition in talkd related to the name lookup facility, an unauthorized user may be able to pass bogus hostname information to talkd and gain root access. |
|
|
Privacy Statement |
