10

CVE-2001-0554

Exploit

Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.

Data is provided by the National Vulnerability Database (NVD)
MitKerberos Version1.0
MitKerberos 5 Version1.1
MitKerberos 5 Version1.1.1
MitKerberos 5 Version1.2
MitKerberos 5 Version1.2.1
MitKerberos 5 Version1.2.2
NetkitLinux Netkit Version0.10
NetkitLinux Netkit Version0.11
NetkitLinux Netkit Version0.12
SgiIrix Version6.5
FreebsdFreebsd Version2.0
FreebsdFreebsd Version2.0.1
FreebsdFreebsd Version2.0.5
FreebsdFreebsd Version2.1 Updatestable
FreebsdFreebsd Version2.1.0
FreebsdFreebsd Version2.1.5
FreebsdFreebsd Version2.1.6
FreebsdFreebsd Version2.1.6.1
FreebsdFreebsd Version2.1.7
FreebsdFreebsd Version2.1.7.1
FreebsdFreebsd Version2.2
FreebsdFreebsd Version2.2 Updatecurrent
FreebsdFreebsd Version2.2.1
FreebsdFreebsd Version2.2.2
FreebsdFreebsd Version2.2.3
FreebsdFreebsd Version2.2.4
FreebsdFreebsd Version2.2.5
FreebsdFreebsd Version2.2.6
FreebsdFreebsd Version2.2.7
FreebsdFreebsd Version2.2.8
FreebsdFreebsd Version3.0
FreebsdFreebsd Version3.0 Updatereleng
FreebsdFreebsd Version3.1
FreebsdFreebsd Version3.2
FreebsdFreebsd Version3.3
FreebsdFreebsd Version3.4
FreebsdFreebsd Version3.5
FreebsdFreebsd Version3.5 Updatestable
FreebsdFreebsd Version3.5.1
FreebsdFreebsd Version3.5.1 Updaterelease
FreebsdFreebsd Version3.5.1 Updatestable
FreebsdFreebsd Version4.0
FreebsdFreebsd Version4.0 Updatealpha
FreebsdFreebsd Version4.0 Updatereleng
FreebsdFreebsd Version4.1
FreebsdFreebsd Version4.1.1
FreebsdFreebsd Version4.2
FreebsdFreebsd Version4.3
IbmAix Version4.3
IbmAix Version4.3.1
IbmAix Version4.3.2
IbmAix Version4.3.3
IbmAix Version5.1
NetbsdNetbsd Version1.0
NetbsdNetbsd Version1.1
NetbsdNetbsd Version1.2
NetbsdNetbsd Version1.2.1
NetbsdNetbsd Version1.3
NetbsdNetbsd Version1.3.1
NetbsdNetbsd Version1.3.2
NetbsdNetbsd Version1.3.3
NetbsdNetbsd Version1.4
NetbsdNetbsd Version1.4.1
NetbsdNetbsd Version1.4.2
NetbsdNetbsd Version1.4.3
NetbsdNetbsd Version1.5
NetbsdNetbsd Version1.5.1
OpenbsdOpenbsd Version2.0
OpenbsdOpenbsd Version2.1
OpenbsdOpenbsd Version2.2
OpenbsdOpenbsd Version2.3
OpenbsdOpenbsd Version2.4
OpenbsdOpenbsd Version2.5
OpenbsdOpenbsd Version2.6
OpenbsdOpenbsd Version2.7
OpenbsdOpenbsd Version2.8
SunSolaris Version2.6
SunSunos Version5.0
SunSunos Version5.1
SunSunos Version5.2
SunSunos Version5.3
SunSunos Version5.4
SunSunos Version5.5
SunSunos Version5.5.1
SunSunos Version5.7
SunSunos Version5.8
DebianDebian Linux Version2.2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 16.67% 0.947
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

http://online.securityfocus.com/advisories/3476
Third Party Advisory
Broken Link
VDB Entry
http://online.securityfocus.com/archive/1/199496
Third Party Advisory
Broken Link
VDB Entry
http://online.securityfocus.com/archive/1/199541
Third Party Advisory
Broken Link
VDB Entry
http://online.securityfocus.com/archive/1/203000
Third Party Advisory
Broken Link
VDB Entry
http://www.cert.org/advisories/CA-2001-21.html
Patch
Third Party Advisory
US Government Resource
http://www.securityfocus.com/archive/1/197804
Third Party Advisory
Vendor Advisory
Exploit
VDB Entry
http://www.securityfocus.com/bid/3064
Patch
Third Party Advisory
Vendor Advisory
Exploit
VDB Entry