CVE-2018-20764: Buffer Overflow
First published: Fri Feb 08 2019(Updated: )
A buffer overflow exists in HelpSystems tcpcrypt on Linux, used for BoKS encrypted telnet through BoKS version 6.7.1. Since tcpcrypt is setuid, exploitation leads to privilege escalation.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Helpsystems Boks | >=6.6.0<=6.7.1 | |
| Linux Linux kernel |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2018-20764?
CVE-2018-20764 is a buffer overflow vulnerability found in HelpSystems tcpcrypt on Linux, used for BoKS encrypted telnet through BoKS version 6.7.1.
How does the buffer overflow vulnerability in HelpSystems tcpcrypt affect BoKS?
The buffer overflow vulnerability in HelpSystems tcpcrypt on Linux can be exploited to gain privilege escalation in BoKS when using encrypted telnet.
What is the severity of CVE-2018-20764?
The severity of CVE-2018-20764 is critical with a CVSS score of 9.8.
How can I fix the buffer overflow vulnerability in HelpSystems tcpcrypt?
To fix the buffer overflow vulnerability, it is recommended to apply the necessary patch or update provided by HelpSystems.
Where can I find more information about CVE-2018-20764?
You can find more information about CVE-2018-20764 at the following link: [https://community.helpsystems.com/knowledge-base/fox-technologies/hotfix/515/](https://community.helpsystems.com/knowledge-base/fox-technologies/hotfix/515/)
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/description
- agent/tags
- agent/event
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- vendor/helpsystems
- canonical/helpsystems boks
- version/helpsystems boks/6.6.0
- version/helpsystems boks/6.7.1
- vendor/linux
- canonical/linux linux kernel