BSD in.talkd+antiflash DNS Hostfield Arbitrary Command Execution

Network Security News – Monday, December 12, 2005 Events

BSD in.talkd+antiflash DNS Hostfield Arbitrary Command Execution

BSD contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a malicious attacker adds an arbitrary command to his or her DNS hostfield before initiating talk with a user on a target system. This flaw may lead to a loss of integrity.. Read more at osvdb.org/298