CVE-2016-7115

NameCVE-2016-7115
DescriptionBuffer overflow in the handle_packet function in mactelnet.c in the client in MAC-Telnet 0.4.3 and earlier allows remote TELNET servers to execute arbitrary code via a long string in an MT_CPTYPE_PASSSALT control packet.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-639-1
Debian Bugs836320

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
mactelnet (PTS)bookworm, bullseye0.4.4-4fixed
sid, trixie0.6.1-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
mactelnetsourcewheezy0.3.4-1+deb7u1DLA-639-1
mactelnetsourcejessie0.4.0-1+deb8u1
mactelnetsource(unstable)0.4.4-4836320

Notes

https://github.com/haakonnessjoen/MAC-Telnet/commit/b69d11727d4f0f8cf719c79e3fb700f55ca03e9a
Search for package or bug name: Reporting problems