2 matches found
The vulnerability of the add_slc() function in the telnetd server of the inetutils network programming package allows a hacker to execute arbitrary code.
The vulnerability of the addslc function in the telnetd server of the inetutils network programming package involves copying buffers without checking the size of the input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted package...
CVE-2026-32746
CVE-2026-32746 affects telnetd in GNU inetutils up to version 2.7. The vulnerability is an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler due to add_slc not verifying the buffer fill level. This can lead to memory corruption with potential impact on confidentiali...