25 matches found
GHSA-47QP-HQVX-6R3F JLine3 Telnet server: Unauthenticated Remote Memory Exhaustion via Unbounded Telnet NEW-ENVIRON Variables
Summary The JLine3 Telnet server remote-telnet module does not limit the number of environment variables a client may inject via the Telnet NEW-ENVIRON option. An unauthenticated attacker can flood the server with a large number of unique variable pairs before sending the terminating IAC SE byte,...
USN-8387-1: Inetutils vulnerabilities
It was discovered that the Inetutils telnet daemon incorrectly handled the CREDENTIALSDIRECTORY environment variable. An attacker could possibly use this issue to escalate privileges. CVE-2026-28372 It was discovered that the Inetutils telnet daemon did not properly validate buffer bounds when...
Astra Linux – Vulnerability in inetutils
In GNU inetutils, the telnet utility in version 2.7 allows servers to read arbitrary environment variables from clients using the NEWENVIRON SENDUSERVAR function...
GNU InetUtils 2.6 - Telnetd Remote Privilege Escalation
Exploit Title: GNU InetUtils telnetd - Remote Privilege Escalation Date: 2026-01-24 Exploit Author: Ali Guliyev infat0x Author GitHub: https://github.com/infat0x Vendor Homepage: https://www.gnu.org/software/inetutils/ Software Link: https://ftp.gnu.org/gnu/inetutils/ Version: GNU InetUtils 2.0...
Exploit for Argument Injection in Gnu Inetutils
CVE-2026-24061 - telnetd auth bypass o co chodzi argument...
EUVD-2026-12154
telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEWENVIRON SEND USERVAR...
DEBIAN-CVE-2026-32772
telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEWENVIRON SEND USERVAR...
UBUNTU-CVE-2026-32772
telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEWENVIRON SEND USERVAR...
CVE-2026-32772
telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEWENVIRON SEND USERVAR...
CVE-2026-32772
telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEWENVIRON SEND USERVAR...
📄 GNU Inetutils telnetd NEW-ENVIRON Authentication Bypass
This Metasploit module exploits an authentication bypass vulnerability in GNU Inetutils telnetd. By sending a specially crafted NEW-ENVIRON subnegotiation with a USER variable containing -f root, an attacker can login as root without a password. This occurs because telnetd passes the environment...
Exploit for Argument Injection in Gnu Inetutils
!Authorhttps://img.shields.io/badge/Author-Mohammed%20Idrees%...
Exploit for Argument Injection in Gnu Inetutils
CVE-2026-24061 Telnet Root Exploit & Scanner A robust, multit...
📄 GNU Inetutils 2.7 Telnet Authentication Bypass Scanner
GNU Inetutils version 2.7 telnet authentication bypass scanner that leverages a crafted USER value. This vulnerability is tracked as CVE-2026-24061 and is conceptually related to historical Telnet NEW-ENVIRON issues such as CVE-1999-0192, but affects modern GNU Inetutils implementations...
Exploit for CVE-2026-24061
CVE-2026-24061 Vulnerability Scanner & Exploit !Licenseh...
Exploit for CVE-2026-24061
CVE-2026-24061 Telnet NEW-ENVIRON authentication bypass v...
Exploit for CVE-2026-24061
CVE-2026-24061 GNU Inetutils telnetd Remote Authentication...
Exploit for CVE-2026-24061
CVE-2026-24061 复现步骤 构建镜像 docker build -t telnetd-bypass...
Exploit for CVE-2026-24061
CVE-2026-24061 GNU Inetutils telnetd Remote Authentication...
SUSE CVE-2005-0488
Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENVUSERVAR command...