278 matches found
USN-6304-1: Inetutils vulnerabilities
It was discovered that telnetd in GNU Inetutils incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS CVE-2022-39028 It was discovered that Inetutils incorrectly handled certain inputs. An...
USN-6304-1 inetutils vulnerabilities
It was discovered that telnetd in GNU Inetutils incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS CVE-2022-39028 It was discovered that Inetutils incorrectly handled certain inputs. An...
Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : Inetutils vulnerabilities (USN-6304-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6304-1 advisory. It was discovered that telnetd in GNU Inetutils incorrectly handled certain inputs. An attacker could possibly use this issue to caus...
GNU Inetutils Elevation of Privilege Vulnerability
GNU Inetutils is a collection of network tools from the GNU Project that contains common network management programs such as traceroute, hostname, ifconfig, and others. The toolset is mainly used for functions such as network diagnostics, configuration and system information query. An elevation o...
CVE-2023-40303
GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of setid family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary us...
CVE-2023-40303
GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of setid family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary us...
DEBIAN-CVE-2023-40303
GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of setid family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary us...
CVE-2023-40303
GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of setid family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary us...
Privilege escalation
GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of setid family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary us...
UBUNTU-CVE-2023-40303
GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of setid family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary us...
CVE-2023-40303
GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of setid family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary us...
CVE-2023-40303
CVE-2023-40303 relates to inetutils, where multiple set*id() return values were not checked in ftpd, rcp, rlogin, rsh, rshd, and uucpd, enabling potential local privilege escalation. Affected software: GNU inetutils (various Unix/Linux distros). Impact: privilege escalation if setuid/setgid/seteu...
PT-2023-27371 · Gnu +2 · Gnu Inetutils +2
Name of the Vulnerable Software and Affected Versions: GNU inetutils versions prior to 2.5 Description: The issue allows privilege escalation due to unchecked return values of setid family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is relevant if the setuid system call fails when ...
SUSE CVE-2011-4862
Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications aka krb5-appl 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as...
SUSE CVE-2022-39028
telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain available through inetd. However, if the telnetd...
Ubuntu: Security Advisory (USN-5048-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-5177-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian dla-3205 : inetutils - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3205 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3205-1 [email protected]...
Debian: Security Advisory (DLA-3205-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3205-1] inetutils security update
Debian LTS Advisory DLA-3205-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin November 25, 2022 https://wiki.debian.org/LTS Package : inetutils Version : 2:1.9.4-7+deb10u2 CVE ID : CVE-2019-0053 CVE-2021-40491 CVE-2022-39028 Debian Bug : 945861 956084 993476 Sever...