VYPR

telnet

by FreeBSD

CVEs (4)

  • CVE-2016-1888HigFeb 15, 2017
    risk 0.49cvss 7.5epss 0.02

    The telnetd service in FreeBSD 9.3, 10.1, 10.2, 10.3, and 11.0 allows remote attackers to inject arguments to login and bypass authentication via vectors involving a "sequence of memory allocation failures."

  • CVE-2005-0468May 2, 2005
    risk 0.05cvss epss 0.27

    Heap-based buffer overflow in the env_opt_add function in telnet.c for various BSD-based Telnet clients allows remote attackers to execute arbitrary code via responses that contain a large number of characters that require escaping, which consumers more memory than allocated.

  • CVE-2009-0641Feb 20, 2009
    risk 0.04cvss epss 0.09

    sys_term.c in telnetd in FreeBSD 7.0-RELEASE and other 7.x versions deletes dangerous environment variables with a method that was valid only in older FreeBSD distributions, which might allow remote attackers to execute arbitrary code by passing a crafted environment variable…

  • CVE-2005-0469May 2, 2005
    risk 0.01cvss epss 0.09

    Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands.