A buffer overflow exists in HelpSystems tcpcrypt on Linux, used for BoKS encrypted telnet through BoKS version 6.7.1. Since tcpcrypt is setuid, exploitation leads to privilege escalation.
Created tcpcrypt tracking bugs for this issue:
Affects: epel-7 [bug 1676395]
Affects: fedora-all [bug 1676394]
Is there any specific further information on the issue in tcpcrypt available?
Unfortunately, apart from this, we don't have any additional information about the issue.
(In reply to msiddiqu from comment #5)
> Unfortunately, apart from this, we don't have any additional information
> about the issue.
Thank you. I did not found any corresponding issue furthermore in the tcpcrypt fork on github.
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.