Lucene search
Copyright (C) 2008 E-Soft Inc.OPENVAS:136141256231053245HistoryJan 17, 2008 - 12:00 a.m.
Debian Security Advisory DSA 556-1 (netkit-telnet)
2008-01-1700:00:00
Copyright (C) 2008 E-Soft Inc.
plugins.openvas.org
2
6.6 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.007 Low
EPSS
Percentile
80.2%
The remote host is missing an update to netkit-telnet announced via advisory DSA 556-1.
This VT has been merged into the VT
# SPDX-FileCopyrightText: 2008 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.53245");
script_version("2023-06-29T08:15:14+0000");
script_tag(name:"last_modification", value:"2023-06-29 08:15:14 +0000 (Thu, 29 Jun 2023)");
script_tag(name:"creation_date", value:"2008-01-17 22:45:44 +0100 (Thu, 17 Jan 2008)");
script_cve_id("CVE-2004-0911");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_name("Debian Security Advisory DSA 556-1 (netkit-telnet)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 E-Soft Inc.");
script_family("Debian Local Security Checks");
script_xref(name:"URL", value:"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20556-1");
script_tag(name:"insight", value:"Michal Zalewski discovered a bug in the netkit-telnet server (telnetd)
whereby a remote attacker could cause the telnetd process to free an
invalid pointer. This causes the telnet server process to crash,
leading to a straightforward denial of service (inetd will disable the
service if telnetd is crashed repeatedly), or possibly the execution
of arbitrary code with the privileges of the telnetd process (by
default, the 'telnetd' user).
For the stable distribution (woody) this problem has been fixed in
version 0.17-18woody1.
For the unstable distribution (sid) this problem has been fixed in
version 0.17-26.");
script_tag(name:"solution", value:"We recommend that you upgrade your netkit-telnetpackage.");
script_tag(name:"summary", value:"The remote host is missing an update to netkit-telnet announced via advisory DSA 556-1.
This VT has been merged into the VT 'Debian: Security Advisory (DSA-556)' (OID: 1.3.6.1.4.1.25623.1.0.53260).");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"deprecated", value:TRUE);
exit(0);
}
exit(66);Related
debian
debian
[SECURITY] [DSA 569-1] New netkit-telnet-ssl packages fix denial of service
2004-10-18 07:29:57
[SECURITY] [DSA 556-1] New netkit-telnet packages fix invalid free
2004-10-02 00:00:00
openvas
openvas
Debian Security Advisory DSA 556-1 (netkit-telnet)
2008-01-17 00:00:00
Debian Security Advisory DSA 569-1 (netkit-telnet-ssl)
2008-01-17 00:00:00
Debian Security Advisory DSA 569-1 (netkit-telnet-ssl)
2008-01-17 00:00:00
osv
osv
netkit-telnet-ssl - invalid free(3)
2004-10-18 00:00:00
netkit-telnet - invalid free(3)
2004-10-18 00:00:00
nessus
nessus
Debian DSA-556-2 : netkit-telnet - invalid free(3)
2004-11-10 00:00:00
Debian DSA-569-1 : netkit-telnet-ssl - invalid free(3)
2004-11-10 00:00:00
Ubuntu 4.10 : netkit-telnet vulnerabilities (USN-101-1)
2006-01-15 00:00:00
ubuntucve
ubuntucve
CVE-2004-0911
2004-11-03 00:00:00
ubuntu
ubuntu
telnet vulnerabilities
2005-03-29 00:00:00
cve
cve
CVE-2004-0911
2004-11-03 05:00:00
debiancve
debiancve
CVE-2004-0911
2004-11-03 05:00:00
6.6 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.007 Low
EPSS
Percentile
80.2%
Related for OPENVAS:136141256231053245