32 matches found
EUVD-2019-11471
Malware in sbrugna...
EUVD-2022-41574
Malicious code in bioql PyPI...
Huawei EulerOS: Security Advisory for telnet (EulerOS-SA-2024-1948)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for telnet (EulerOS-SA-2024-1975)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : telnet (EulerOS-SA-2024-1948)
According to the versions of the telnet package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. ...
EulerOS 2.0 SP9 : telnet (EulerOS-SA-2024-1975)
According to the versions of the telnet package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. ...
Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : Inetutils vulnerabilities (USN-6304-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6304-1 advisory. It was discovered that telnetd in GNU Inetutils incorrectly handled certain inputs. An attacker could possibly use this issue to caus...
Debian dla-3205 : inetutils - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3205 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3205-1 [email protected]...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : telnet (SUSE-SU-2022:3783-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3783-1 advisory. - CVE-2022-39028: Fixed NULL pointer dereference in telnetd bsc1203759. Tenable has extracted the precedi...
SUSE SLES12 Security Update : telnet (SUSE-SU-2022:3735-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3735-1 advisory. - CVE-2022-39028: Fixed NULL pointer dereference in telnetd bsc1203759. Tenable has extracted the preceding description block directly from...
CVE-2022-39028
A flaw was found in MIT krb5-appl, where it has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. The telnetd application would crash in a typical installation, but the telnet service would remain available through inetd. However, if the telnetd application has many crashes within a short ti...
CVE-2022-39028
telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain available through inetd. However, if the telnetd...
Null pointer dereference
telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain available through inetd. However, if the telnetd...
CVE-2022-39028
telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain available through inetd. However, if the telnetd...
CVE-2022-39028
telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain available through inetd. However, if the telnetd...
CVE-2022-39028
telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain available through inetd. However, if the telnetd...
CVE-2022-39028
CVE-2022-39028 affects telnetd in GNU Inetutils up to 2.3 and MIT krb5-appl up to 1.0.3 (and derivatives). The issue is a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8, causing telnetd to crash; in typical installs the service stays up via inetd, but repeated crashes can render the telnet s...
Updated krb5-appl packages fix security vulnerabilities
An issue was discovered in rcp in MIT krb5-appl through 1.0.3. Due to the rcp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned only directory traversa...
CVE-2019-25017
An issue was discovered in rcp in MIT krb5-appl through 1.0.3. Due to the rcp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned only directory traversa...
CVE-2019-25018
In the rcp client in MIT krb5-appl through 1.0.3, malicious servers could bypass intended access restrictions via the filename of . or an empty filename, similar to CVE-2018-20685 and CVE-2019-7282. The impact is modifying the permissions of the target directory on the client side. NOTE: MIT...