232 matches found
USN-5327-1: rsh vulnerability
Hiroyuki Yamamori discovered that rsh incorrectly handled certain filenames. If a user or automated system were tricked into connecting to a malicious rsh server, a remote attacker could possibly use this issue to modify directory permissions...
Ubuntu 18.04 LTS : rsh vulnerability (USN-5327-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5327-1 advisory. Hiroyuki Yamamori discovered that rsh incorrectly handled certain filenames. If a user or automated system were tricked into connecting to a malicious rsh server,...
Mageia: Security Advisory (MGASA-2020-0211)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2021-0525 Updated rsh packages fix security vulnerability
In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685. CVE-2019-7282 An issu...
Updated rsh packages fix security vulnerability
In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685. CVE-2019-7282 An issu...
DLA-2822-1 netkit-rsh - security update
Bulletin has no description...
Debian DLA-2822-1 : netkit-rsh - LTS security update
The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2822 advisory. - In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The...
Debian: Security Advisory (DLA-2822-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2822-1] netkit-rsh security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2822-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz November 19, 2021 https://wiki.debian.org/LTS -...
Netkit Telnet Buffer Overflow (CVE-2020-10188)
A buffer overflow vulnerability exists in Netkit Telnet Project. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
NewStart CGSL CORE 5.04 / MAIN 5.04 : telnet Vulnerability (NS-SA-2020-0055)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has telnet packages installed that are affected by a vulnerability: - utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer...
EulerOS 2.0 SP3 : telnet (EulerOS-SA-2020-2065)
According to the version of the telnet packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a...
NewStart CGSL MAIN 4.05 : krb5-appl Vulnerability (NS-SA-2020-0049)
The remote NewStart CGSL host, running version MAIN 4.05, has krb5-appl packages installed that are affected by a vulnerability: - utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow...
The vulnerability of the implementations of the functions netclear() and nextitem() in the demon telnetd of the netkit-telnet server allows a intruder to execute arbitrary code.
The vulnerability of the implementations of the functions netclear and nextitem in the telnetd daemon of the netkit-telnet server is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code by...
EulerOS 2.0 SP5 : telnet (EulerOS-SA-2020-1617)
According to the version of the telnet packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a...
Updated netkit-telnet packages fix security vulnerability
Updated netkit-telnetd packages fix security vulnerability: A vulnerability was found where incorrect bounds checks in the telnet server’s telnetd handling of short writes and urgent data, could lead to information disclosure and corruption of heap data. An unauthenticated remote attacker could...
Amazon Linux 2 : telnet (ALAS-2020-1422)
The version of telnet installed on the remote host is prior to 0.17-65. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1422 advisory. utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data...
Important: telnet
Issue Overview: utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions. CVE-2020-10188 Affected Packages: telnet Note: This advisory is...
netkit telnetd nextitem vulnerability
Added: 03/24/2020 Background netkit telnetd is a server implementation of the Telnet protocol which comes with many Linux and Unix operating systems. Problem An unbounded read and write condition in the nextitem function allows remote attackers to execute arbitrary commands on the server...
netkit telnetd nextitem vulnerability
Added: 03/24/2020 Background netkit telnetd is a server implementation of the Telnet protocol which comes with many Linux and Unix operating systems. Problem An unbounded read and write condition in the nextitem function allows remote attackers to execute arbitrary commands on the server...