Your submission was sent successfully! Close

CVE-2020-10188

Published: 6 March 2020

utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
inetutils
Launchpad, Ubuntu, Debian
bionic
Released (2:1.9.4-3ubuntu0.1)
focal
Released (2:1.9.4-11ubuntu0.1)
groovy Not vulnerable
(2:1.9.4-12)
hirsute Not vulnerable
(2:1.9.4-12)
impish Not vulnerable
(2:1.9.4-12)
jammy Not vulnerable
(2:1.9.4-12)
precise Does not exist

trusty Needs triage

upstream Needs triage

xenial Ignored
(end of standard support, was needs-triage)
netkit-telnet
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(0.17-41)
eoan Ignored
(reached end-of-life)
focal Not vulnerable
(0.17-41.2build1)
groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Not vulnerable
(0.17-42)
jammy Not vulnerable
(0.17-44build1)
precise Ignored
(end of ESM support, was not-affected)
trusty Not vulnerable
(0.17-36build2)
upstream
Released (0.17-18woody2)
xenial Not vulnerable
(0.17-40)
netkit-telnet-ssl
Launchpad, Ubuntu, Debian
bionic Needs triage

eoan Ignored
(reached end-of-life)
focal Needs triage

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Needs triage

jammy Needs triage

precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Ignored
(end of standard support, was needs-triage)