Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 6 of 6 results


CVE-2023-40303

Medium priority

Some fixes available 6 of 9

GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails...

1 affected packages

inetutils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
inetutils Fixed Fixed Fixed Needs evaluation Needs evaluation
Show less packages

CVE-2022-39028

Medium priority

Some fixes available 2 of 5

telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet...

1 affected packages

inetutils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
inetutils Not affected Fixed Fixed Needs evaluation Needs evaluation
Show less packages

CVE-2021-40491

Medium priority

Some fixes available 4 of 6

The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl.

1 affected packages

inetutils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
inetutils Not affected Not affected Fixed Fixed Fixed
Show less packages

CVE-2020-10188

Medium priority

Some fixes available 3 of 20

utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions.

3 affected packages

inetutils, netkit-telnet, netkit-telnet-ssl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
inetutils Not affected Not affected Fixed Fixed Fixed
netkit-telnet Not in release Not affected Not affected Not affected Not affected
netkit-telnet-ssl Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2019-0053

Medium priority
Needs evaluation

Insufficient validation of environment variables in the telnet client supplied in Junos OS can lead to stack-based buffer overflows, which can be exploited to bypass veriexec restrictions on Junos OS. A stack-based overflow is...

2 affected packages

inetutils, socks4-server

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
inetutils Not affected Not affected Not affected Needs evaluation Needs evaluation
socks4-server Not in release Not in release Not in release Needs evaluation Needs evaluation
Show less packages

CVE-2011-4862

Medium priority
Ignored

Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows...

4 affected packages

heimdal, inetutils, krb5, krb5-appl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
heimdal Not affected
inetutils Not affected
krb5 Not affected
krb5-appl Not in release
Show less packages