This article applies to BoKS version 6.6.0 through 6.7.1.



A buffer overflow vulnerability has been found in the tcpcrypt program used for BoKS encrypted telnet up to and including BoKS version 6.7.1. Since tcpcrypt is a setuid program, exploiting the vulnerability can lead to privilege escalation.

The vulnerability affects Linux-based platforms only.

Resolution / Workaround


To resolve these issues, apply hotfix HFBM-0223, available for download from the HelpSystems Community Portal.


This hotfix corrects the buffer overflow error.

Still have questions? We can help. Submit a case to Technical Support.

Last Modified On: November 14, 2019