Lucene search
K

24 matches found

AstraLinux
AstraLinux
added 2026/06/23 11:48 a.m.12 views

Astra Linux – Vulnerability in inetutils

In GNU inetutils via telnetd in version 2.7, privilege escalation is possible, which can be exploited by abusing the systemd service credentials support added to the login1 implementation of util-linux in version 2.40. This issue relates to client control over the CREDENTIALSDIRECTORY environment...

7.8CVSS7.3AI score0.00373EPSS
Exploits4References3
OSV
OSV
added 2026/06/04 11:16 p.m.18 views

USN-8387-1 inetutils vulnerabilities

It was discovered that the Inetutils telnet daemon incorrectly handled the CREDENTIALSDIRECTORY environment variable. An attacker could possibly use this issue to escalate privileges. CVE-2026-28372 It was discovered that the Inetutils telnet daemon did not properly validate buffer bounds when...

9.8CVSS7.5AI score0.23674EPSS
Exploits13References4
Ubuntu
Ubuntu
added 2026/06/04 11:16 p.m.18 views

USN-8387-1: Inetutils vulnerabilities

It was discovered that the Inetutils telnet daemon incorrectly handled the CREDENTIALSDIRECTORY environment variable. An attacker could possibly use this issue to escalate privileges. CVE-2026-28372 It was discovered that the Inetutils telnet daemon did not properly validate buffer bounds when...

9.8CVSS7.5AI score0.23674EPSS
Exploits13
NVD
NVD
added 2026/03/27 12:16 a.m.4 views

CVE-2026-33945

Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something like...

9.9CVSS0.00447EPSS
Exploits0References1
OSV
OSV
added 2026/03/27 12:16 a.m.12 views

UBUNTU-CVE-2026-33945

Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something like...

9.9CVSS5.9AI score0.00447EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/03/27 12:16 a.m.6 views

CVE-2026-33945

Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something like...

9.9CVSS5.9AI score0.00447EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/03/26 11:27 p.m.5 views

CVE-2026-33945

Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something like...

9.9CVSS5.7AI score0.00447EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/03/26 11:27 p.m.5 views

CVE-2026-33945

Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something like...

9.9CVSS5.9AI score0.00447EPSS
Exploits0References2Affected Software1
GithubExploit
GithubExploit
added 2026/03/07 5:31 a.m.160 views

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Gnu Inetutils

CVE-2026-28372: GNU inetutils telnetd Privilege Escalation !...

7.8CVSS5.8AI score0.00373EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2026/03/04 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-28372

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login1...

7.8CVSS7.1AI score0.00373EPSS
Exploits4References2
RedhatCVE
RedhatCVE
added 2026/02/28 7:47 a.m.7 views

CVE-2026-28372

telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login1 implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALSDIRECTORY environment variable, and require...

7.8CVSS5.9AI score0.00373EPSS
Exploits4References1
GithubExploit
GithubExploit
added 2026/02/28 1:28 a.m.263 views

Exploit for CVE-2026-28372

CVE-2026-28372 — GNU inetutils telnetd Privilege Escalation Po...

7.4CVSS5.9AI score0.00373EPSS
Exploits4
GithubExploit
GithubExploit
added 2026/02/27 7:54 p.m.205 views

Exploit for CVE-2026-28372

CVE-2026-28372 — GNU inetutils telnetd Privilege Escalation Po...

7.4CVSS6AI score0.00373EPSS
Exploits4
EUVD
EUVD
added 2026/02/27 6:31 a.m.8 views

EUVD-2026-9000

telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login1 implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALSDIRECTORY environment variable, and require...

7.4CVSS5.4AI score0.00373EPSS
Exploits4References5
OSV
OSV
added 2026/02/27 6:18 a.m.5 views

UBUNTU-CVE-2026-28372

telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login1 implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALSDIRECTORY environment variable, and require...

7.8CVSS7.3AI score0.00373EPSS
Exploits4References7
NVD
NVD
added 2026/02/27 6:18 a.m.6 views

CVE-2026-28372

telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login1 implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALSDIRECTORY environment variable, and require...

7.8CVSS0.00373EPSS
Exploits4References9
Cvelist
Cvelist
added 2026/02/27 5:28 a.m.29 views

CVE-2026-28372

telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login1 implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALSDIRECTORY environment variable, and require...

7.4CVSS0.00373EPSS
Exploits4References4
ATTACKERKB
ATTACKERKB
added 2026/02/27 5:28 a.m.4 views

CVE-2026-28372

telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login1 implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALSDIRECTORY environment variable, and require...

7.8CVSS5.5AI score0.00373EPSS
Exploits4References5
CVE
CVE
added 2026/02/27 5:28 a.m.69 views

CVE-2026-28372

CVE-2026-28372 affects telnetd in GNU inetutils up to version 2.7. The root cause is that login(1) in util-linux 2.40 added systemd service credentials support, enabling a local unprivileged user to influence the CREDENTIALS_DIRECTORY environment variable and create a login.noauth file, which can...

7.8CVSS5.5AI score0.00373EPSS
Exploits4References9Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/27 5:28 a.m.2 views

CVE-2026-28372

telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login1 implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALSDIRECTORY environment variable, and require...

7.4CVSS5.9AI score0.00373EPSS
Exploits4References4
Rows per page
Query Builder