utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions.
Attack Vector Network
Attack Complexity Low
Privileges Required None
Scope Unchanged
Confidentiality Impact High
Integrity Impact High
Availability Impact High
User Interaction None
No CVSS v3.0
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete
AV:N/AC:L/Au:N/C:C/I:C/A:C
Vendors | Products |
---|---|
Arista |
|
Oracle |
|
Fedoraproject |
|
Debian |
|
Juniper |
|
Netkit Telnet Project |
|
Configuration 1 [-]
|
Configuration 2 [-]
|
Configuration 3 [-]
|
Configuration 4 [-]
|
Configuration 5 [-]
|
Configuration 6 [-]
|
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-03-06T14:07:21
Updated: 2021-11-08T11:09:32
Reserved: 2020-03-06T00:00:00
Link: CVE-2020-10188
JSON object: View
NVD Information
Status : Modified
Published: 2020-03-06T15:15:14.020
Modified: 2023-11-07T03:14:07.460
Link: CVE-2020-10188
JSON object: View
Redhat Information
No data.
CWE