VYPR

Inetutils

by GNU

CVEs (8)

  • CVE-2026-32746 | Cri | Mar 13, 2026
    risk 0.67 | cvss 9.8 | epss 0.24

    telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full.

  • CVE-2026-32772 | Low | Mar 16, 2026
    risk 0.22 | cvss 3.4 | epss 0.00

    telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR.

  • CVE-2026-24061 | KEV | Jan 21, 2026
    risk 0.22 | cvss | epss 0.99

    telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.

  • CVE-2011-4862 | Dec 25, 2011
    risk 0.04 | cvss | epss 0.95

    Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long…

  • CVE-2026-28372 | Feb 27, 2026
    risk 0.00 | cvss | epss 0.00

    telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALS_DIRECTORY environment…

  • CVE-2023-40303 | Aug 14, 2023
    risk 0.00 | cvss | epss 0.00

    GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before…

  • CVE-2022-39028 | Aug 30, 2022
    risk 0.00 | cvss | epss 0.02

    telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain available through inetd. However,…

  • CVE-2021-40491 | Sep 3, 2021
    risk 0.00 | cvss | epss 0.01

    The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LPSV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl.