Skip to content
Permalink
Browse files

CVE-2017-12988/TELNET: Add a missing bounds check.

This fixes a buffer over-read discovered by Forcepoint's security
researchers Otto Airamo & Antti Levomäki.

Add a test using the capture file supplied by the reporter(s).
  • Loading branch information...
guyharris authored and infrastation committed Feb 6, 2017
1 parent c2ef693 commit 8934a7d6307267d301182f19ed162563717e29e3
Showing with 4 additions and 0 deletions.
  1. +1 −0 print-telnet.c
  2. +1 −0 tests/TESTLIST
  3. +2 −0 tests/telnet-iac-check-oobr.out
  4. BIN tests/telnet-iac-check-oobr.pcap
@@ -442,6 +442,7 @@ telnet_parse(netdissect_options *ndo, const u_char *sp, u_int length, int print)
break;
p++;
}
ND_TCHECK(*p);
if (*p != IAC)
goto pktend;

@@ -466,6 +466,7 @@ eigrp-tlv-oobr eigrp-tlv-oobr.pcap eigrp-tlv-oobr.out -vvv -e
zephyr-oobr zephyr-oobr.pcap zephyr-oobr.out -vvv -e
bgp-as-path-oobr bgp-as-path-oobr.pcap bgp-as-path-oobr.out -vvv -e
isakmp-no-none-np isakmp-no-none-np.pcap isakmp-no-none-np.out -vvv -e
telnet-iac-check-oobr telnet-iac-check-oobr.pcap telnet-iac-check-oobr.out -vvv -e

# RTP tests
# fuzzed pcap

Large diffs are not rendered by default.

Binary file not shown.

0 comments on commit 8934a7d

Please sign in to comment.
You can’t perform that action at this time.