Telnetd
by Telnetd
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-1888 | Hig | 0.49 | 7.5 | 0.01 | Feb 15, 2017 | The telnetd service in FreeBSD 9.3, 10.1, 10.2, 10.3, and 11.0 allows remote attackers to inject arguments to login and bypass authentication via vectors involving a "sequence of memory allocation failures." | ||
| CVE-2009-0641 | 0.04 | — | 0.10 | Feb 20, 2009 | sys_term.c in telnetd in FreeBSD 7.0-RELEASE and other 7.x versions deletes dangerous environment variables with a method that was valid only in older FreeBSD distributions, which might allow remote attackers to execute arbitrary code by passing a crafted environment variable… | |||
| CVE-2001-0554 | 0.04 | — | 0.17 | Aug 14, 2001 | Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. | |||
| CVE-2000-0166 | 0.04 | — | 0.07 | Feb 21, 2000 | Buffer overflow in the InterAccess telnet server TelnetD allows remote attackers to execute commands via a long login name. | |||
| CVE-2001-0093 | 0.03 | — | 0.00 | Feb 12, 2001 | Vulnerability in telnetd in FreeBSD 1.5 allows local users to gain root privileges by modifying critical environmental variables that affect the behavior of telnetd. | |||
| CVE-2005-2040 | 0.00 | — | 0.02 | Jun 20, 2005 | Multiple buffer overflows in the getterminaltype function in telnetd for Heimdal before 0.6.5 may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2005-0468 and CVE-2005-0469. | |||
| CVE-2004-0998 | 0.00 | — | 0.06 | Dec 23, 2004 | Format string vulnerability in telnetd-ssl 0.17 and earlier allows remote attackers to execute arbitrary code. | |||
| CVE-2000-1195 | 0.00 | — | 0.00 | Aug 31, 2001 | telnet daemon (telnetd) from the Linux netkit package before netkit-telnet-0.16 allows remote attackers to bypass authentication when telnetd is running with the -L command line option. | |||
| CVE-2000-1184 | 0.00 | — | 0.01 | Jan 9, 2001 | telnetd in FreeBSD 4.2 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service by specifying an arbitrary large file in the TERMCAP environmental variable, which consumes resources as the server processes the file. |
- risk 0.49cvss 7.5epss 0.01
The telnetd service in FreeBSD 9.3, 10.1, 10.2, 10.3, and 11.0 allows remote attackers to inject arguments to login and bypass authentication via vectors involving a "sequence of memory allocation failures."
- CVE-2009-0641Feb 20, 2009risk 0.04cvss —epss 0.10
sys_term.c in telnetd in FreeBSD 7.0-RELEASE and other 7.x versions deletes dangerous environment variables with a method that was valid only in older FreeBSD distributions, which might allow remote attackers to execute arbitrary code by passing a crafted environment variable…
- CVE-2001-0554Aug 14, 2001risk 0.04cvss —epss 0.17
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
- CVE-2000-0166Feb 21, 2000risk 0.04cvss —epss 0.07
Buffer overflow in the InterAccess telnet server TelnetD allows remote attackers to execute commands via a long login name.
- CVE-2001-0093Feb 12, 2001risk 0.03cvss —epss 0.00
Vulnerability in telnetd in FreeBSD 1.5 allows local users to gain root privileges by modifying critical environmental variables that affect the behavior of telnetd.
- CVE-2005-2040Jun 20, 2005risk 0.00cvss —epss 0.02
Multiple buffer overflows in the getterminaltype function in telnetd for Heimdal before 0.6.5 may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2005-0468 and CVE-2005-0469.
- CVE-2004-0998Dec 23, 2004risk 0.00cvss —epss 0.06
Format string vulnerability in telnetd-ssl 0.17 and earlier allows remote attackers to execute arbitrary code.
- CVE-2000-1195Aug 31, 2001risk 0.00cvss —epss 0.00
telnet daemon (telnetd) from the Linux netkit package before netkit-telnet-0.16 allows remote attackers to bypass authentication when telnetd is running with the -L command line option.
- CVE-2000-1184Jan 9, 2001risk 0.00cvss —epss 0.01
telnetd in FreeBSD 4.2 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service by specifying an arbitrary large file in the TERMCAP environmental variable, which consumes resources as the server processes the file.