Hide Forgot
Description of problem: The sockaddr structure in telnetd.c main() is too small to hold an IPV6 address when converted to string form. This corrupt value is then transferred to utmp to create a permanent bad record. Version-Release number of selected component (if applicable): telnet-server-0.17-46.el6 How reproducible: Always. Steps to Reproduce: 1. telnet to IPV6 machine with no DNS record for IP 2. echo $REMOTEHOST 3. Actual results: $ telnet fd00:6969:6969:6969::91 Trying fd00:6969:6969:6969::91... Connected to fd00:6969:6969:6969::91. Escape character is '^]'. login: test Password: Last login: Thu Feb 17 15:26:32 from fd00:6969:6969:6969:37:a6f5:e045:84bf%15237108 [test@host-91 ~]$ echo $REMOTEHOST fd00:6969:6969:6969:82:59c7:70af:9dbf%6078452 Expected results: $ telnet fd00:6969:6969:6969::91 Trying fd00:6969:6969:6969::91... Connected to fd00:6969:6969:6969::91. Escape character is '^]'. login: test Password: Last login: Thu Feb 17 15:28:54 from fd00:6969:6969:6969:82:59c7:70af:9dbf%6078452 [test@host-91 ~]$ echo $REMOTEHOST fd00:6969:6969:6969::12 Additional info:
Created attachment 479354 [details] patch to using sockadd_storage structure for connection details
This request was evaluated by Red Hat Product Management for inclusion in the current release of Red Hat Enterprise Linux. Because the affected component is not scheduled to be updated in the current release, Red Hat is unfortunately unable to address this request at this time. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux. If you would like it considered as an exception in the current release, please ask your support representative.
The patch is OK, thanks for it.
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Prior to this update, the in.telnetd service used the sockaddr structure to store IPv6 addresses. This structure was too small in its size, and as a result, subsequent logins wrote incorrect records about the last login source. With this update, in.telnetd now uses the sockaddr_storage structure, which is large enough in its size to be able to store IPv6 addresses.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2011-0963.html