Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0554

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2001-0554
Last Modified 05 Sep 2008 04:24:23
Published 14 Aug 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-0554

Summary

Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.

Vulnerable Systems

Operating System

  • Freebsd 3.5.1

  • Freebsd 4.1.1

  • Freebsd 4.2

  • Freebsd 4.3

  • Ibm Aix 4.3

  • Ibm Aix 4.3.1

  • Ibm Aix 4.3.2

  • Ibm Aix 4.3.3

  • Ibm Aix 5.1

  • Netbsd 1.0

  • Netbsd 1.1

  • Netbsd 1.2

  • Netbsd 1.2.1

  • Netbsd 1.3

  • Netbsd 1.3.1

  • Netbsd 1.3.2

  • Netbsd 1.3.3

  • Netbsd 1.4

  • Netbsd 1.4.1

  • Netbsd 1.4.2

  • Netbsd 1.4.3

  • Netbsd 1.5

  • Netbsd 1.5.1

  • Openbsd 2.0

  • Openbsd 2.1

  • Openbsd 2.2

  • Openbsd 2.3

  • Openbsd 2.4

  • Openbsd 2.5

  • Openbsd 2.6

  • Openbsd 2.7

  • Openbsd 2.8

  • Sgi Irix 6.5

  • Sun Solaris 2.0

  • Sun Solaris 2.1

  • Sun Solaris 2.2

  • Sun Solaris 2.3

  • Sun Solaris 2.4

  • Sun Solaris 2.5

  • Sun Solaris 2.5.1

  • Sun Solaris 2.6

  • Sun Solaris 7.0

  • Sun Solaris 8.0

Application

  • Linux Netkit 0.10

  • Linux Netkit 0.11

  • Linux Netkit 0.12

  • Mit Kerberos 1.0

  • Mit Kerberos 5 1.1

  • Mit Kerberos 5 1.1.1

  • Mit Kerberos 5-1.2

  • Mit Kerberos 5-1.2.1

  • Mit Kerberos 5-1.2.2


References

CERT - CA-2001-21

BID - 3064

FREEBSD - FreeBSD-SA-01:49

XF - telnetd-option-telrcv-bo(6875)

BUGTRAQ - 20010718 multiple vendor telnet daemon vulnerability

REDHAT - RHSA-2001:100

REDHAT - RHSA-2001:099

OSVDB - 809

SUSE - SuSE-SA:2001:029

MANDRAKE - MDKSA-2001:068

DEBIAN - DSA-075

DEBIAN - DSA-070

CISCO - 20020129 Cisco CatOS Telnet Buffer Vulnerability

CIAC - L-131

CALDERA - CSSA-2001-030.0

BUGTRAQ - 20010810 ADV/EXP: netkit <=0.17 in.telnetd remote buffer overflow

BUGTRAQ - 20010725 SCO - Telnetd AYT overflow ?

BUGTRAQ - 20010725 Telnetd AYT overflow scanner

IBM - MSS-OAR-E01-2001:298

COMPAQ - SSRT0745U

CONECTIVA - CLA-2001:413

HP - HPSBUX0110-172

CALDERA - CSSA-2001-SCO.10

SGI - 20010801-01-P

NETBSD - NetBSD-SA2001-012


Last Updated: 27 May 2016 10:36:18