Vulnerability in N/a
CVE-2020-10188
utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions.
EPSS: 0.745 (99.4th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- FEDORA-2020-11ea78ff8e (vendor-advisory, x_refsource_FEDORA)
- FEDORA-2020-e7b942a47a (vendor-advisory, x_refsource_FEDORA)
- FEDORA-2020-6b07ff2526 (vendor-advisory, x_refsource_FEDORA)
- [debian-lts-announce] 20200514 [SECURITY] [DLA 2176-1] inetutils security update (mailing-list, x_refsource_MLIST)
- 20200624 Telnet Vulnerability Affecting Cisco Products: June 2020 (vendor-advisory, x_refsource_CISCO)
- [debian-lts-announce] 20200824 [SECURITY] [DLA 2341-1] inetutils security update (mailing-list, x_refsource_MLIST)
- www.oracle.com/security-alerts/cpuApr2021.html (x_refsource_MISC)
- appgateresearch.blogspot.com/2020/02/bravestarr-fedora-31-netkit-telnetd_28.html (x_refsource_MISC)
- github.com/krb5/krb5-appl/blob/d00cd671dfe945791b33d4f1f6a5c57ae1667ef8/telnet/… (x_refsource_MISC)
- www.arista.com/en/support/advisories-notices/security-advisories/10702-security… (x_refsource_MISC)