Exploiting a 32-year-old buffer overflow in GNU telnetd (CVE-2026-32746)

Exploiting a 32-year-old buffer overflow in GNU telnetd (CVE-2026-32746)(striga.ai)

7 points by traekfuglene 47 days ago | 1 comment

Pre-auth buffer overflow in telnetd's SLC handler, sitting in the codebase since 1994. We used Striga, our AI-driven source code auditing platform, to reproduce the exploitation path and work out the byte constraints. The writeup covers the math for GOT overwrite on 32-bit and why the same approach is probably impossible on 64-bit.

traekfuglene 47 days ago |

Pre-auth buffer overflow in telnetd's SLC handler, sitting in the codebase since 1994. We used Striga, our AI-driven source code auditing platform, to reproduce the exploitation path and work out the byte constraints. The writeup covers the math for GOT overwrite on 32-bit and why the same approach is probably impossible on 64-bit.