https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=266719
Mark Linimon changed:
What|Removed |Added
Status|New |Closed
Assignee|b...@free
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=266719
--- Comment #2 from Robert Morris ---
Also, if the telnet client sends an authentication name, then a
KRB_FORWARD in an AUTHENTICATE sub-option for Kerberos5 but not
preceded by a KRB_AUTH, the "ticket" global variable is never
initialized,
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=266719
--- Comment #1 from Robert Morris ---
Separately, if a client is authenticating and sends an SB
AUTHENTICATION QUAL_IS for Kerberos5 without a preceding QUAL_NAME,
there's a crash in line 506 of kerberos5_is() in
libtelnet/kerberos5.c:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=266719
Bug ID: 266719
Summary: telnetd crashes if it receives IAC EC at session start
Product: Base System
Version: CURRENT
Hardware: Any
OS: Any
Status: New
