Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Debian Security Advisory DSA 075-1 (netkit-telnet-ssl)

Information

Severity

Severity

Critical

Family

Family

Debian Local Security Checks

CVSSv2 Base

CVSSv2 Base

10.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

16 years ago

Modified

Modified

6 years ago

Summary

The remote host is missing an update to netkit-telnet-ssl announced via advisory DSA 075-1.

Insight

Insight

The telnet daemon contained in the netkit-telnet-ssl_0.16.3-1 package in the 'stable' (potato) distribution of Debian GNU/Linux is vulnerable to an exploitable overflow in its output handling. The original bug was found by <scut@nb.in-berlin.de>, and announced to bugtraq on Jul 18 2001. At that time, netkit-telnet versions after 0.14 were not believed to be vulnerable. On Aug 10 2001, zen-parse posted an advisory based on the same problem, for all netkit-telnet versions below 0.17. As Debian uses the 'telnetd' user to run in.telnetd, this is not a remote root compromise on Debian systems the 'telnetd' user can be compromised. We strongly advise you update your netkit-telnet-ssl packages to the versions listed below.

Solution

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20075-1

Common Vulnerabilities and Exposures (CVE)