MidnightBSD

Advisories for netkit

CVE-2001-0554 HIGH

Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,

Products Affected

Vendor Product Version
freebsd freebsd 4.3
freebsd freebsd 2.2.5
sun sunos 5.7
netbsd netbsd 1.2.1
ibm aix 4.3.2
freebsd freebsd 4.0
netbsd netbsd 1.1
sun sunos 5.2
netbsd netbsd 1.4.2
freebsd freebsd 2.2.8
ibm aix 5.1
sun sunos 5.4
freebsd freebsd 2.2.1
freebsd freebsd 2.1.5
sun sunos 5.0
openbsd openbsd 2.0
openbsd openbsd 2.3
freebsd freebsd 3.2
freebsd freebsd 2.1.6.1
freebsd freebsd 2.2.4
sun sunos 5.1
sun solaris 2.6
freebsd freebsd 2.2.3
freebsd freebsd 2.1.7.1
freebsd freebsd 4.1.1
netkit linux_netkit 0.10
netkit linux_netkit 0.11
netbsd netbsd 1.4
mit kerberos_5 1.1
openbsd openbsd 2.7
netbsd netbsd 1.0
netbsd netbsd 1.3
freebsd freebsd 4.2
openbsd openbsd 2.2
sun sunos 5.5.1
netbsd netbsd 1.5.1
freebsd freebsd 3.1
mit kerberos_5 1.2
freebsd freebsd 3.5.1
sun sunos 5.3
sun sunos 5.8
ibm aix 4.3
netbsd netbsd 1.2
openbsd openbsd 2.1
netkit linux_netkit 0.12
sun sunos 5.5
freebsd freebsd 2.0.1
freebsd freebsd 2.1.7
openbsd openbsd 2.6
mit kerberos_5 1.2.1
netbsd netbsd 1.3.2
mit kerberos_5 1.1.1
freebsd freebsd 3.3
freebsd freebsd 2.2
freebsd freebsd 2.2.7
netbsd netbsd 1.3.1
freebsd freebsd 3.0
debian debian_linux 2.2
netbsd netbsd 1.4.1
freebsd freebsd 2.2.6
freebsd freebsd 2.0
mit kerberos 1.0
mit kerberos_5 1.2.2
freebsd freebsd 3.4
freebsd freebsd 2.1.0
netbsd netbsd 1.3.3
openbsd openbsd 2.5
ibm aix 4.3.1
netbsd netbsd 1.5
freebsd freebsd 3.5
openbsd openbsd 2.8
freebsd freebsd 2.1.6
sgi irix 6.5
freebsd freebsd 2.1
ibm aix 4.3.3
freebsd freebsd 2.0.5
openbsd openbsd 2.4
freebsd freebsd 4.1
netbsd netbsd 1.4.3
freebsd freebsd 2.2.2
CVE-2004-0640 HIGH

Format string vulnerability in the SSL_set_verify function in telnetd.c for SSLtelnet daemon (SSLtelnetd) 0.13 allows remote attackers to execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ssltelnetd secure_telnet 0.13.1
netkit linux_netkit 0.17
netkit linux_netkit 0.17.17
CVE-2005-0178 MEDIUM

Race condition in the setsid function in Linux before 2.6.8.1 allows local users to cause a denial of service (crash) and possibly access portions of kernel memory, related to TTY changes, locking, and semaphores.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
linux linux_kernel 2.5.4
linux linux_kernel 2.5.23
linux linux_kernel 2.0.9.9
linux linux_kernel 2.5.45
linux linux_kernel 2.3.99
linux linux_kernel 2.4.18
linux linux_kernel 2.6.20.1
linux linux_kernel 2.4.30
linux linux_kernel 2.2.24
linux linux_kernel 2.5.68
linux linux_kernel 2.2.13
linux linux_kernel 2.5.16
linux linux_kernel 2.4.7
linux linux_kernel 2.4.29
linux linux_kernel 2.4.15
linux linux_kernel 2.0.28
linux linux_kernel 2.2.6
linux linux_kernel 2.5.2
linux linux_kernel 2.0.27
linux linux_kernel 2.2.9
linux linux_kernel 2.5.62
linux linux_kernel 2.0.18
linux linux_kernel 2.2.25
linux linux_kernel 2.5.47
linux linux_kernel 2.2.11
linux linux_kernel 2.5.7
linux linux_kernel 2.4.4
linux linux_kernel 2.0.10
linux linux_kernel 2.5.11
linux linux_kernel 2.5.61
linux linux_kernel 2.6.8
linux linux_kernel 2.5.9
linux linux_kernel 2.0.20
linux linux_kernel 2.4.23_ow2
linux linux_kernel 2.2.12
linux linux_kernel 2.2.23
linux linux_kernel 2.5.48
linux linux_kernel 2.6.7
linux linux_kernel 2.0.36
linux linux_kernel 2.5.36
linux linux_kernel 2.6.11.5
linux linux_kernel 2.4.10
linux linux_kernel 2.5.66
linux linux_kernel 2.5.22
linux linux_kernel 2.0.16
linux linux_kernel 2.0.19
linux linux_kernel 2.5.25
linux linux_kernel 2.5.10
linux linux_kernel 2.4.22
linux linux_kernel 2.3.0
linux linux_kernel 2.5.59
vserver linux-vserver 1.22
linux linux_kernel 2.2.8
linux linux_kernel 2.0.21
linux linux_kernel 2.2.19
linux linux_kernel 2.5.19
linux linux_kernel 2.6_test9_cvs
linux linux_kernel 2.4.24_ow1
linux linux_kernel 2.2.17
linux linux_kernel 2.2.15
linux linux_kernel 2.5.41
linux linux_kernel 2.6.11
linux linux_kernel 2.0.26
linux linux_kernel 2.5.52
linux linux_kernel 2.4.11
linux linux_kernel 2.5.29
linux linux_kernel 2.4.25
linux linux_kernel 2.5.24
linux linux_kernel 2.4.6
linux linux_kernel 2.0.13
linux linux_kernel 2.0.17
linux linux_kernel 2.5.53
linux linux_kernel 2.5.51
linux linux_kernel 2.4.3
linux linux_kernel 2.4.1
linux linux_kernel 2.4.17
linux linux_kernel 2.6.1
linux linux_kernel 2.5.3
linux linux_kernel 2.5.17
linux linux_kernel 2.0.14
linux linux_kernel 2.5.60
linux linux_kernel 2.2.10
linux linux_kernel 2.4.14
linux linux_kernel 2.5.38
linux linux_kernel 2.5.44
linux linux_kernel 2.0.4
linux linux_kernel 2.2.18
linux linux_kernel 2.5.69
linux linux_kernel 2.0.29
linux linux_kernel 2.5.26
linux linux_kernel 2.5.0
linux linux_kernel 2.5.8
linux linux_kernel 2.5.28
linux linux_kernel 2.5.42
linux linux_kernel 2.0.8
linux linux_kernel 2.5.18
linux linux_kernel 2.2.3
linux linux_kernel 2.6.3
linux linux_kernel 2.4.19
linux linux_kernel 2.5.13
linux linux_kernel 2.0.32
linux linux_kernel 2.6.6
linux linux_kernel 2.5.43
linux linux_kernel 2.0.35
linux linux_kernel 2.4.23
linux linux_kernel 2.0.30
linux linux_kernel 2.4.16
linux linux_kernel 2.2.22
linux linux_kernel 2.5.56
linux linux_kernel 2.2.7
netkit linux_netkit 0.17
linux linux_kernel 2.0.7
linux linux_kernel 2.0.22
linux linux_kernel 2.6.11.4
linux linux_kernel 2.5.5
vserver linux-vserver 1.23
linux linux_kernel 2.0.11
linux linux_kernel 2.5.50
linux linux_kernel 2.5.39
linux linux_kernel 2.2.15_pre20
linux linux_kernel 2.4.28
linux linux_kernel 2.5.57
vserver linux-vserver 1.20
linux linux_kernel 2.2.0
linux linux_kernel 2.6.12
linux linux_kernel 2.5.15
linux linux_kernel 2.0.39
linux linux_kernel 2.5.58
linux linux_kernel 2.2.16
linux linux_kernel 2.5.32
linux linux_kernel 2.0.3
linux linux_kernel 2.4.20
linux linux_kernel 2.5.54
linux linux_kernel 2.5.40
linux linux_kernel 2.0.12
linux linux_kernel 2.2.5
linux linux_kernel 2.5.34
linux linux_kernel 2.6.10
linux linux_kernel 2.5.64
linux linux_kernel 2.1
linux linux_kernel 2.5.30
linux linux_kernel 2.5.46
linux linux_kernel 2.5.31
linux linux_kernel 2.5.12
linux linux_kernel 2.0.24
linux linux_kernel 2.0.25
linux linux_kernel 2.5.67
linux linux_kernel 2.2.1
linux linux_kernel 2.0.38
linux linux_kernel 2.5.33
linux linux_kernel 2.0.23
linux linux_kernel 2.4.21
linux linux_kernel 2.5.37
vserver linux-vserver 1.24
linux linux_kernel 2.6.11.1
linux linux_kernel 2.6.11.8
linux linux_kernel 2.4.12
linux linux_kernel 2.2.14
linux linux_kernel 2.5.6
linux linux_kernel 2.4.2
linux linux_kernel 2.0.5
linux linux_kernel 2.6.11.7
linux linux_kernel 2.5.65
linux linux_kernel 2.4.26
linux linux_kernel 2.0.37
linux linux_kernel 2.5.21
linux linux_kernel 2.5.35
netkit linux_netkit 0.17.17
linux linux_kernel 2.5.63
linux linux_kernel 2.4.13
linux linux_kernel 2.6.11.2
linux linux_kernel 2.2.21
linux linux_kernel 2.0
linux linux_kernel 2.4.5
linux linux_kernel 2.0.33
vserver linux-vserver 1.21
linux linux_kernel 2.6.0
linux linux_kernel 2.0.2
linux linux_kernel 2.6.11.3
linux linux_kernel 2.0.34
linux linux_kernel 2.0.15
linux linux_kernel 2.0.31
linux linux_kernel 2.5.1
linux linux_kernel 2.0.1
linux linux_kernel 2.5.27
linux linux_kernel 2.5.20
linux linux_kernel 2.4.31
linux linux_kernel 2.4.24
linux linux_kernel 2.6.5
linux linux_kernel 2.2.2
linux linux_kernel 2.5.55
linux linux_kernel 2.0.6
linux linux_kernel 2.2.4
linux linux_kernel 2.1.89
linux linux_kernel 2.2.20
linux linux_kernel 2.0.9
linux linux_kernel 2.2.27
linux linux_kernel 2.4.0
linux linux_kernel 2.4.9
linux linux_kernel 2.5.49
linux linux_kernel 2.5.14
linux linux_kernel 2.6.2
linux linux_kernel 2.6.11.6
linux linux_kernel 2.4.27
linux linux_kernel 2.6.4
linux linux_kernel 2.4.8
CVE-2019-7282 MEDIUM

In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N 2.2 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
fedoraproject fedora 34
fedoraproject fedora 36
fedoraproject fedora 35
netkit netkit *
debian debian_linux 9.0
CVE-2019-7283 MEDIUM

An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned. A malicious rsh server (or Man-in-The-Middle attacker) can overwrite arbitrary files in a directory on the rcp client machine. This is similar to CVE-2019-6111.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.4 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H 2.2 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
netkit netkit *
debian debian_linux 9.0
CVE-2023-38336

netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778.

Products Affected

Vendor Product Version
netkit netkit 0.17-24