Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
archlinuxArchLinuxASA-202106-20
HistoryJun 09, 2021 - 12:00 a.m.

[ASA-202106-20] inetutils: arbitrary code execution

2021-06-0900:00:00
security.archlinux.org
126

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.833 High

EPSS

Percentile

98.5%

JSON

Arch Linux Security Advisory ASA-202106-20

Severity: High
Date : 2021-06-09
CVE-ID : CVE-2019-0053 CVE-2020-10188
Package : inetutils
Type : arbitrary code execution
Remote : Yes
Link : https://security.archlinux.org/AVG-1003

Summary

The package inetutils before version 2.0-1 is vulnerable to arbitrary
code execution.

Resolution

Upgrade to 2.0-1.

pacman -Syu β€œinetutils>=2.0-1”

The problems have been fixed upstream in version 2.0.

Workaround

None.

Description

  • CVE-2019-0053 (arbitrary code execution)

inetutils before version 1.9.4.90 contains a stack overflow
vulnerability in the client-side environment variable handling which
can be exploited to escape restricted shells on embedded devices. A
stack-based overflow is present in the handling of environment
variables when connecting telnet.c to remote telnet servers through
oversized DISPLAY arguments.

  • CVE-2020-10188 (arbitrary code execution)

A vulnerability was found in inetutils before version 1.9.4.91 where
incorrect bounds checks in the telnet server’s (telnetd) handling of
short writes and urgent data could lead to information disclosure and
corruption of heap data. An unauthenticated remote attacker could
exploit these bugs by sending specially crafted telnet packets to
achieve arbitrary code execution in the telnet server.

Impact

Requesting environment variables with crafted contents could lead to
arbitrary code execution in a telnet client. Additionally an
unauthenticated remote attacker could execute arbitrary code on a
telnet server via crafted packets.

References

https://bugs.archlinux.org/task/70040
https://raw.githubusercontent.com/hackerhouse-opensource/exploits/master/inetutils-telnet.txt
https://git.savannah.gnu.org/gitweb/?p=inetutils.git;a=commitdiff;h=1480573a908254662074865406ac6fbde4694e5d
https://git.savannah.gnu.org/gitweb/?p=inetutils.git;a=commitdiff;h=07fdb4201a3a5e6df92c0929c65671ce4ba8af5a
https://bugzilla.redhat.com/show_bug.cgi?id=1811673
https://git.savannah.gnu.org/gitweb/?p=inetutils.git;a=commitdiff;h=cd7e7e685daeafb68f19347747af6340731a4518
https://security.archlinux.org/CVE-2019-0053
https://security.archlinux.org/CVE-2020-10188

OSVersionArchitecturePackageVersionFilename
ArchLinuxanyanyinetutils<Β 2.0-1UNKNOWN

Related

nessus 45
mageia 2
prion 2
openvas 21
nvd 2
debian 4
fedora 3
broadcom 1
redhat 7
checkpoint_advisories 1
osv 5
paloalto 1
cisco 1
cve 2
oraclelinux 4
amazon 2
ubuntu 2
arista 1
ubuntucve 2
cvelist 2
centos 2
f5 1
cisa 1
redhatcve 1
debiancve 2
veracode 1
freebsd 1
githubexploit 1
freebsd_advisory 1
jvn 1
oracle 1
nessus
nessus
Debian DLA-2176-1 : inetutils security update
2020-05-15 00:00:00
RHEL 7 : telnet (RHSA-2022:0011)
2022-01-04 00:00:00
EulerOS 2.0 SP3 : telnet (EulerOS-SA-2020-2065)
2020-09-28 00:00:00
mageia
mageia
Updated krb5-appl packages fix security vulnerability
2020-04-15 13:12:14
Updated netkit-telnet packages fix security vulnerability
2020-05-15 18:48:04
prion
prion
Buffer overflow
2020-03-06 15:15:00
Stack overflow
2019-07-11 20:15:00
openvas
openvas
Debian: Security Advisory (DLA-2341-1)
2020-08-25 00:00:00
Mageia: Security Advisory (MGASA-2020-0169)
2022-01-28 00:00:00
CentOS: Security Advisory for krb5-appl-clients (CESA-2020:1349)
2020-04-09 00:00:00
nvd
nvd
CVE-2020-10188
2020-03-06 15:15:14
CVE-2019-0053
2019-07-11 20:15:11
debian
debian
[SECURITY] [DLA 2341-1] inetutils security update
2020-08-24 09:10:08
[SECURITY] [DLA 2176-1] inetutils security update
2020-05-14 12:31:09
[SECURITY] [DLA 3611-1] inetutils security update
2023-10-08 11:16:51
fedora
fedora
[SECURITY] Fedora 30 Update: telnet-0.17-77.fc30
2020-04-04 04:19:03
[SECURITY] Fedora 32 Update: telnet-0.17-79.fc32
2020-04-01 16:35:49
[SECURITY] Fedora 31 Update: telnet-0.17-78.fc31
2020-04-04 03:23:08
broadcom
broadcom
BSA-2021-1013
2021-07-10 00:00:00
redhat
redhat
(RHSA-2020:1342) Important: telnet security update
2020-04-07 07:01:47
(RHSA-2022:0011) Important: telnet security update
2022-01-04 07:56:18
(RHSA-2022:0158) Important: telnet security update
2022-01-18 08:22:01
checkpoint_advisories
checkpoint_advisories
Netkit Telnet Buffer Overflow (CVE-2020-10188)
2020-12-27 00:00:00
osv
osv
inetutils vulnerability
2021-08-20 17:56:24
inetutils vulnerability
2021-08-19 19:14:10
inetutils - security update
2020-04-14 00:00:00
paloalto
paloalto
PAN-OS: Impact of Telnet Remote-Code-Execution (RCE) Vulnerability (CVE-2020-10188)
2021-09-08 16:00:00
cisco
cisco
Telnet Vulnerability Affecting Cisco Products: June 2020
2020-06-24 16:00:00
cve
cve
CVE-2020-10188
2020-03-06 15:15:14
CVE-2019-0053
2019-07-11 20:15:11
oraclelinux
oraclelinux
telnet security update
2020-04-07 00:00:00
telnet security update
2020-04-11 00:00:00
telnet security update
2020-04-07 00:00:00
amazon
amazon
Important: telnet
2020-06-23 06:42:00
Important: telnet
2020-05-05 01:20:00
ubuntu
ubuntu
Inetutils vulnerability
2021-08-19 00:00:00
Inetutils vulnerability
2021-08-20 00:00:00
arista
arista
Security Advisory 0048
2020-05-13 00:00:00
ubuntucve
ubuntucve
CVE-2020-10188
2020-03-06 00:00:00
CVE-2019-0053
2019-07-11 00:00:00
cvelist
cvelist
CVE-2020-10188
2020-03-06 14:07:21
CVE-2019-0053 Junos OS: Insufficient validation of environment variables in telnet client may lead to stack-based buffer overflow
2019-07-11 00:00:00
centos
centos
telnet security update
2020-04-08 15:30:05
krb5 security update
2020-04-08 15:29:38
f5
f5
K22130301 : Telnet vulnerability CVE-2020-10188
2020-05-07 00:00:00
cisa
cisa
Cisco Releases Security Advisory for Telnet Vulnerability in IOS XE Software
2020-06-25 00:00:00
redhatcve
redhatcve
CVE-2020-10188
2020-03-09 15:41:07
debiancve
debiancve
CVE-2020-10188
2020-03-06 15:15:14
CVE-2019-0053
2019-07-11 20:15:11
veracode
veracode
Remote Code Execution (RCE)
2022-01-14 06:00:46
freebsd
freebsd
FreeBSD -- telnet(1) client multiple vulnerabilities
2019-07-24 00:00:00
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Juniper Junos
2020-02-28 21:12:43
freebsd_advisory
freebsd_advisory
FreeBSD-SA-19:12.telnet
2019-07-24 00:00:00
jvn
jvn
JVN#96561229: Multiple vulnerabilities in Operation management interface of FUJITSU Network IPCOM
2022-05-09 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2021
2021-04-20 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.833 High

EPSS

Percentile

98.5%

JSON
Related for ASA-202106-20
nessus45mageia2prion2openvas21nvd2debian4fedora3broadcom1redhat7checkpoint_advisories1osv5paloalto1cisco1cve2oraclelinux4amazon2ubuntu2arista1ubuntucve2cvelist2centos2f51cisa1redhatcve1debiancve2veracode1freebsd1githubexploit1freebsd_advisory1jvn1oracle1