Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Inetutils vulnerabilities (USN-8387-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8387-1 advisory. It was discovered that the Inetutils telnet daemon incorrectly handled th...

Exploit for Argument Injection in Gnu Inetutils

CVE-2026–24061 : GNU InetUtils telnetd Authentication Bypass...

USN-8387-1: Inetutils vulnerabilities

It was discovered that the Inetutils telnet daemon incorrectly handled the CREDENTIALSDIRECTORY environment variable. An attacker could possibly use this issue to escalate privileges. CVE-2026-28372 It was discovered that the Inetutils telnet daemon did not properly validate buffer bounds when...

USN-8387-1 inetutils vulnerabilities

It was discovered that the Inetutils telnet daemon incorrectly handled the CREDENTIALSDIRECTORY environment variable. An attacker could possibly use this issue to escalate privileges. CVE-2026-28372 It was discovered that the Inetutils telnet daemon did not properly validate buffer bounds when...

telnet-pocs-2026

All Telnet PoCs — Consolidated All proof-of-concept exploits...

Exploit for Classic Buffer Overflow in Gnu Inetutils

🚨 CVE-2026-32746 GNU Inetutils Telnetd RCE 🔥 📌 Res...

Astra Linux – Vulnerability in inetutils

In GNU inetutils, the telnet utility in version 2.7 allows servers to read arbitrary environment variables from clients using the NEWENVIRON SENDUSERVAR function...

Astra Linux – Vulnerability in inetutils

In GNU inetutils via telnetd in version 2.7, privilege escalation is possible, which can be exploited by abusing the systemd service credentials support added to the login1 implementation of util-linux in version 2.40. This issue relates to client control over the CREDENTIALSDIRECTORY environment...

Updated krb5-appl packages fix security vulnerability

telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC Set Local Characters suboption handler because addslc does not check whether the buffer is full. CVE-2026-32746...

GNU InetUtils 2.6 - Telnetd Remote Privilege Escalation

Exploit Title: GNU InetUtils telnetd - Remote Privilege Escalation Date: 2026-01-24 Exploit Author: Ali Guliyev infat0x Author GitHub: https://github.com/infat0x Vendor Homepage: https://www.gnu.org/software/inetutils/ Software Link: https://ftp.gnu.org/gnu/inetutils/ Version: GNU InetUtils 2.0...

Debian dla-4527 : inetutils-ftp - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4527 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4527-1 [email protected]...

Debian: Security Advisory (DLA-4527-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-6193-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian dsa-6193 : inetutils-ftp - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6193 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6193-1 [email protected] https://www.debian.org/securit...

[SECURITY] [DSA 6193-1] inetutils security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6193-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 03, 2026 https://www.debian.org/security/faq -...

Astra Linux – Vulnerability in inetutils

In GNU inetutils’ telnetd module, as of version 2.7, there is a vulnerability where an out-of-bounds write can occur in the LINEMODE SLC Set Local Characters suboption handler. This occurs because the addslc function does not check whether the buffer is full before writing data...

CVE-2026-32772

telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEWENVIRON SEND USERVAR...

CVE-2026-32746

telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC Set Local Characters suboption handler because addslc does not check whether the buffer is full...

Exploit for Argument Injection in Gnu Inetutils

Telnet Vulnerability Scanner CVE-2026-24061 & CVE-2026-32746...

SUSE: Security Advisory (SUSE-SU-2026:0930-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...