Debian rsh-client 命令注入漏洞

Debian rsh-client is a command application for the Debian community in the United States. A security vulnerability previously existed in Debian rsh-client version 0.17-24, which stemmed from netkit-rcp allowing command injection via filename...

CVE-2023-38336

netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778...

CVE-2023-38336

CVE-2023-38336 concerns netkit-rcp in rsh-client 0.17-24 where an rsh server can cause command/file handling issues. The connected Broadcom advisory describes a concrete exploitation: a malicious rsh server (or MITM) can overwrite arbitrary files on the rcp client by abusing the rcp operation’s o...

PT-2023-26370 · Netkit +8 · Netkit +3

netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778...

CVE-2023-38336

netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778...

K22130301: Telnet vulnerability CVE-2020-10188

Security Advisory Description utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions. CVE-2020-10188 Impact There is no impact; F5 products are...

SUSE CVE-2004-0911

telnetd for netkit 0.17 and earlier, and possibly other versions, on Debian GNU/Linux allows remote attackers to cause a denial of service free of an invalid pointer, a different vulnerability than CVE-2001-0554...

SUSE CVE-2019-7282

In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685...

SUSE CVE-2019-7283

An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned. A malicious rsh server or Man-in-The-Middle attacker can overwrite...

SUSE CVE-2020-10188

utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions...

Mageia: Security Advisory (MGASA-2022-0460)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2022-0460 Updated netkit-telnet packages fix security vulnerability

2-byte DoS in netkit-telnetd. CVE-2022-39028...

Updated netkit-telnet packages fix security vulnerability

2-byte DoS in netkit-telnetd. CVE-2022-39028...

Huawei EulerOS: Security Advisory for rsh (EulerOS-SA-2022-1949)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : rsh (EulerOS-SA-2022-1949)

According to the versions of the rsh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty...

Ubuntu: Security Advisory (USN-5327-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5327-1: rsh vulnerability

Hiroyuki Yamamori discovered that rsh incorrectly handled certain filenames. If a user or automated system were tricked into connecting to a malicious rsh server, a remote attacker could possibly use this issue to modify directory permissions...

USN-5327-1 netkit-rsh vulnerability

Hiroyuki Yamamori discovered that rsh incorrectly handled certain filenames. If a user or automated system were tricked into connecting to a malicious rsh server, a remote attacker could possibly use this issue to modify directory permissions...

Ubuntu 18.04 LTS : rsh vulnerability (USN-5327-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5327-1 advisory. Hiroyuki Yamamori discovered that rsh incorrectly handled certain filenames. If a user or automated system were tricked into connecting to a malicious rsh server,...

Mageia: Security Advisory (MGASA-2020-0211)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...