var-200108-0064
Vulnerability from variot
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. The telnetd program is a server for the telnet remote virtual terminal protocol. There is a remotely exploitable buffer overflow in telnet daemons derived from BSD source code. This vulnerability can crash the server, or be leveraged to gain root access. The function responsible for processing the options prepares a response within a fixed sized buffer, without performing any bounds checking. This vulnerability is now being actively exploited. A worm is known to be circulating around the Internet. Exposure:
Remote root compromise through buffer handling flaws
Confirmed vulnerable:
Up-to-date Debian 3.0 woody (issue is Debian-specific) Debian netkit-telnet-ssl-0.17.24+0.1 package Debian netkit-telnet-ssl-0.17.17+0.1 package
Mitigating factors:
Telnet service must be running and accessible to the attacker. Nowadays, telnet service presence on newly deployed Linux hosts is relatively low. The service is still used for LAN access from other unix platforms, and to host various non-shell services (such as MUDs).
Problem description:
Netkit telnetd implementation shipped with Debian Linux appears to be lacking the AYT vulnerability patch. This patch was devised by Red Hat (?) and incorporated into Debian packages, but later dropped.
This exposes the platform to a remote root problem discovered by scut of TESO back in 2001 (CVE-2001-0554), as well as to other currently unpublished flaws associated with the old buffer handling code, and elliminated by the Red Hat's overhaul of buffer handling routines.
Based on a review of package changelogs, my best guess is that the patch was accidentally dropped by Christoph Martin in December 2001, but I have not researched the matter any further.
Vendor response:
I have contacted Debian security staff on August 29, and received a confirmation of the problem from Matt Zimmerman shortly thereafter.
Since this is not a new flaw, I did not plan to release my own advisory, hoping they will release a DSA bulletin and fix the problem. Three weeks have passed, however, and Debian did not indicate any clear intent to release the information any time soon. They did release nine other advisories in the meantime, some of which were of lesser importance.
As such, I believe it is a good idea to bring the problem to public attention, particularly since those running telnetd were and are, unbeknownst to them, vulnerable to existing exploits.
Workaround:
Disable telnet service if not needed; manually apply Red Hat netkit patches, or compile the daemon from Red Hat sources.
Note that netkit as such is no longer maintained by the author, and hence obtaining the most recent source tarball (0.17) is NOT sufficient. You may also examine other less popular telnetd implementations, but be advised that almost all are heavily based on the original code, and not always up-to-date with security fixes for that codebase.
PS. Express your outrage: http://eprovisia.coredump.cx
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-200108-0064", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "catalyst csx", scope: "eq", trust: 2.4, vendor: "cisco", version: "60005.3", }, { model: "aix", scope: "eq", trust: 2.1, vendor: "ibm", version: "4.3", }, { model: "aix", scope: "eq", trust: 2.1, vendor: "ibm", version: "5.1", }, { model: "netbsd", scope: "eq", trust: 1.9, vendor: "netbsd", version: "1.3.2", }, { model: "netbsd", scope: "eq", trust: 1.9, vendor: "netbsd", version: "1.3.1", }, { model: "netbsd", scope: "eq", trust: 1.9, vendor: "netbsd", version: "1.2", }, { model: "vpn concentrator", scope: "eq", trust: 1.5, vendor: "cisco", version: "30002.5.2", }, { model: "solaris", scope: "eq", trust: 1.3, vendor: "sun", version: "2.6", }, { model: "irix", scope: "eq", trust: 1.3, vendor: "sgi", version: "6.5", }, { model: "openbsd", scope: "eq", trust: 1.3, vendor: "openbsd", version: "2.8", }, { model: "openbsd", scope: "eq", trust: 1.3, vendor: "openbsd", version: "2.7", }, { model: "openbsd", scope: "eq", trust: 1.3, vendor: "openbsd", version: "2.6", }, { model: "openbsd", scope: "eq", trust: 1.3, vendor: "openbsd", version: "2.5", }, { model: "openbsd", scope: "eq", trust: 1.3, vendor: "openbsd", version: "2.4", }, { model: "openbsd", scope: "eq", trust: 1.3, vendor: "openbsd", version: "2.3", }, { model: "openbsd", scope: "eq", trust: 1.3, vendor: "openbsd", version: "2.2", }, { model: "openbsd", scope: "eq", trust: 1.3, vendor: "openbsd", version: "2.1", }, { model: "openbsd", scope: "eq", trust: 1.3, vendor: "openbsd", version: "2.0", }, { model: "linux netkit", scope: "eq", trust: 1.3, vendor: "netkit", version: "0.12", }, { model: "linux netkit", scope: "eq", trust: 1.3, vendor: "netkit", version: "0.11", }, { model: "linux netkit", scope: "eq", trust: 1.3, vendor: "netkit", version: "0.10", }, { model: "netbsd", scope: "eq", trust: 1.3, vendor: "netbsd", version: "1.5.1", }, { model: "netbsd", scope: "eq", trust: 1.3, vendor: "netbsd", version: "1.5", }, { model: "netbsd", scope: "eq", trust: 1.3, vendor: "netbsd", version: "1.4.3", }, { model: "netbsd", scope: "eq", trust: 1.3, vendor: "netbsd", version: "1.4.2", }, { model: "netbsd", scope: "eq", trust: 1.3, vendor: "netbsd", version: "1.4.1", }, { model: "netbsd", scope: "eq", trust: 1.3, vendor: "netbsd", version: "1.4", }, { model: "netbsd", scope: "eq", trust: 1.3, vendor: "netbsd", version: "1.3.3", }, { model: "netbsd", scope: "eq", trust: 1.3, vendor: "netbsd", version: "1.3", }, { model: "netbsd", scope: "eq", trust: 1.3, vendor: "netbsd", version: "1.2.1", }, { model: "netbsd", scope: "eq", trust: 1.3, vendor: "netbsd", version: "1.1", }, { model: "netbsd", scope: "eq", trust: 1.3, vendor: "netbsd", version: "1.0", }, { model: "aix", scope: "eq", trust: 1.3, vendor: "ibm", version: "4.3.3", }, { model: "aix", scope: "eq", trust: 1.3, vendor: "ibm", version: "4.3.2", }, { model: "aix", scope: "eq", trust: 1.3, vendor: "ibm", version: "4.3.1", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "4.3", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.1.0", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.1", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.1.7.1", }, { model: "sunos", scope: "eq", trust: 1, vendor: "sun", version: "5.5", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.2.4", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "3.4", }, { model: "sunos", scope: "eq", trust: 1, vendor: "sun", version: "5.0", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "3.0", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.2", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "2.2", }, { model: "kerberos", scope: "eq", trust: 1, vendor: "mit", version: "1.0", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.2.2", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.2.3", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.2.2", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.2.6", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "4.1.1", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "3.5", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.0.1", }, { model: "sunos", scope: "eq", trust: 1, vendor: "sun", version: "5.8", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.2.5", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "4.2", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "3.1", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.2.1", }, { model: "sunos", scope: "eq", trust: 1, vendor: "sun", version: "5.5.1", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.2.7", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "4.0", }, { model: "sunos", scope: "eq", trust: 1, vendor: "sun", version: "5.7", }, { model: "kerberos 5", scope: "eq", trust: 1, vendor: "mit", version: "1.1.1", }, { model: "sunos", scope: "eq", trust: 1, vendor: "sun", version: "5.2", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.1.6.1", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "4.1", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.0", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.2", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "3.3", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.1.6", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "3.5.1", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.1.5", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.0.5", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.2.8", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.1.7", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.1", }, { model: "sunos", scope: "eq", trust: 1, vendor: "sun", version: "5.4", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "3.2", }, { model: "sunos", scope: "eq", trust: 1, vendor: "sun", version: "5.3", }, { model: "sunos", scope: "eq", trust: 1, vendor: "sun", version: "5.1", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "2.2.1", }, { model: "solaris", scope: "eq", trust: 0.9, vendor: "sun", version: "7.0", }, { model: "catalyst", scope: "eq", trust: 0.9, vendor: "cisco", version: "60006.1", }, { model: "catalyst", scope: "eq", trust: 0.9, vendor: "cisco", version: "60005.5", }, { model: "catalyst", scope: "eq", trust: 0.9, vendor: "cisco", version: "50006.1", }, { model: "catalyst", scope: "eq", trust: 0.9, vendor: "cisco", version: "40006.1", }, { model: "catalyst", scope: "eq", trust: 0.9, vendor: "cisco", version: "40005.1", }, { model: null, scope: null, trust: 0.8, vendor: "apple", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "bsdi", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "caldera", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "conectiva", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "cray", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "debian", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "freebsd", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "hewlett packard", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "ibm", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "mit kerberos team", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "netbsd", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "openbsd", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "redhat", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "sgi", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "suse", version: null, }, { model: null, scope: null, trust: 0.8, vendor: "sun", version: null, }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "2.5.1 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "2.5.1 (x86)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "2.6 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "2.6 (x86)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "7.0 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "7.0 (x86)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "8 (sparc)", }, { model: "solaris", scope: "eq", trust: 0.8, vendor: "sun microsystems", version: "8 (x86)", }, { model: "hp-ux", scope: "eq", trust: 0.8, vendor: "hewlett packard", version: "10.01", }, { model: "hp-ux", scope: "eq", trust: 0.8, vendor: "hewlett packard", version: "10.10", }, { model: "hp-ux", scope: "eq", trust: 0.8, vendor: "hewlett packard", version: "10.20", }, { model: "hp-ux", scope: "eq", trust: 0.8, vendor: "hewlett packard", version: "10.24", }, { model: "linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "5.2", }, { model: "linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "6.2", }, { model: "linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "7.0", }, { model: "linux", scope: "eq", trust: 0.8, vendor: "red hat", version: "7.1", }, { model: "vpn concentrator", scope: "eq", trust: 0.6, vendor: "cisco", version: "30003.0.3", }, { model: "catalyst", scope: "eq", trust: 0.6, vendor: "cisco", version: "50005.1", }, { model: "catalyst", scope: "eq", trust: 0.6, vendor: "cisco", version: "40005.5", }, { model: "catalyst", scope: "eq", trust: 0.6, vendor: "cisco", version: "40005.2", }, { model: "solaris", scope: "eq", trust: 0.6, vendor: "sun", version: "8.0", }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "2.5.1", }, { model: "solaris 8 sparc", scope: null, trust: 0.3, vendor: "sun", version: null, }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "2.5", }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "2.4", }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "2.3", }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "2.2", }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "2.1", }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "sun", version: "2.0", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.13", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.12", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.11", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.10", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.9", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.8", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.7", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.6", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.5", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.4", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.3", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.2", }, { model: "irix", scope: "eq", trust: 0.3, vendor: "sgi", version: "6.5.1", }, { model: "open server", scope: "eq", trust: 0.3, vendor: "sco", version: "5.0.6", }, { model: "open server", scope: "eq", trust: 0.3, vendor: "sco", version: "5.0.5", }, { model: "linux netkit", scope: "eq", trust: 0.3, vendor: "netkit", version: "0.17", }, { model: "linux netkit", scope: "eq", trust: 0.3, vendor: "netkit", version: "0.16", }, { model: "linux netkit", scope: "eq", trust: 0.3, vendor: "netkit", version: "0.14", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.2", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.1.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.1", }, { model: "kerberos", scope: "eq", trust: 0.3, vendor: "mit", version: "51.0", }, { model: "secure os software for linux", scope: "eq", trust: 0.3, vendor: "hp", version: "1.0", }, { model: "hp-ux", scope: "eq", trust: 0.3, vendor: "hp", version: "10.24", }, { model: "hp-ux sis", scope: "eq", trust: 0.3, vendor: "hp", version: "10.20", }, { model: "hp-ux", scope: "eq", trust: 0.3, vendor: "hp", version: "10.20", }, { model: "hp-ux", scope: "eq", trust: 0.3, vendor: "hp", version: "10.10", }, { model: "hp-ux", scope: "eq", trust: 0.3, vendor: "hp", version: "10.01", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.3", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.3", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.2", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.2", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.1.1", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.1.1", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "4.0.x", }, { model: "-stable", scope: "eq", trust: 0.3, vendor: "freebsd", version: "3.5.1", }, { model: "-release", scope: "eq", trust: 0.3, vendor: "freebsd", version: "3.5.1", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "3.x", }, { model: "freebsd", scope: "eq", trust: 0.3, vendor: "freebsd", version: "2.x", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "linux s/390", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "linux ppc", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "linux mipsel", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "linux mips", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "linux m68k", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "linux ia-64", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "linux ia-32", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "linux hppa", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "linux arm", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "linux alpha", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "debian", version: "3.0", }, { model: "vpn concentrator", scope: "eq", trust: 0.3, vendor: "cisco", version: "30003.0", }, { model: "vpn concentrator", scope: "eq", trust: 0.3, vendor: "cisco", version: "30002.0", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60007.1", }, { model: "catalyst pan", scope: "eq", trust: 0.3, vendor: "cisco", version: "60006.3", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60006.2(0.111)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60006.2(0.110)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60006.1(2.13)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60006.1(1)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60005.5(4)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60005.5(3)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60005.5(2)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60005.5(1)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60005.4.1", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60005.4(4)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60005.4(3)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60005.4(2)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60005.4(1)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "60005.4", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50006.1(3)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50006.1(2)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50006.1(1)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.5(7)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.5(6)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.5", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.5(4)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.5(3)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.5(2)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.5(1)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.4.1", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.4(4)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.4(3)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.4(2)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.4(1)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.2(4)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.2(3)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.2(2)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.2(1)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.2", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50005.1(1)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50004.5(9)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50004.5(8)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50004.5(7)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50004.5(6)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50004.5(5)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50004.5", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50004.5(4)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50004.5(3)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50004.5(2)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50004.5(12)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50004.5(11)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "50004.5(10)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40007.1", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40006.1(1)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.5(4)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.5(3)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.5(2)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.5(1)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.4.1", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.4(3)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.4(2)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.4(1)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.4", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.2(7)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.2(6)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.2(5)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.2(4)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.2(2)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.2(1)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40005.1(1)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40004.5(9)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40004.5(8)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40004.5(7)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40004.5(6)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40004.5(5)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40004.5", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40004.5(4)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40004.5(3)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40004.5(2)", }, { model: "catalyst", scope: "eq", trust: 0.3, vendor: "cisco", version: "40004.5(10)", }, { model: "bsd/os", scope: "eq", trust: 0.3, vendor: "bsdi", version: "4.2", }, { model: "bsd/os", scope: "eq", trust: 0.3, vendor: "bsdi", version: "4.1", }, { model: "bsd/os", scope: "eq", trust: 0.3, vendor: "bsdi", version: "4.0.1", }, { model: "bsd/os", scope: "eq", trust: 0.3, vendor: "bsdi", version: "4.0", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.0", }, { model: "openbsd", scope: "ne", trust: 0.3, vendor: "openbsd", version: "2.9", }, { model: "vpn concentrator", scope: "ne", trust: 0.3, vendor: "cisco", version: "30003.6.1", }, { model: "vpn concentrator", scope: "ne", trust: 0.3, vendor: "cisco", version: "30003.6", }, { model: "vpn concentrator", scope: "ne", trust: 0.3, vendor: "cisco", version: "30003.5.5", }, { model: "vpn concentrator", scope: "ne", trust: 0.3, vendor: "cisco", version: "30003.5.4", }, { model: "vpn concentrator", scope: "ne", trust: 0.3, vendor: "cisco", version: "30003.5.3", }, { model: "vpn concentrator", scope: "ne", trust: 0.3, vendor: "cisco", version: "30003.5.2", }, { model: "vpn concentrator", scope: "ne", trust: 0.3, vendor: "cisco", version: "30003.5.1", }, { model: "vpn concentrator", scope: "ne", trust: 0.3, vendor: "cisco", version: "30003.5", }, { model: "vpn concentrator", scope: "ne", trust: 0.3, vendor: "cisco", version: "30003.1.4", }, { model: "vpn concentrator", scope: "ne", trust: 0.3, vendor: "cisco", version: "30003.1.2", }, { model: "vpn concentrator", scope: "ne", trust: 0.3, vendor: "cisco", version: "30003.1.1", }, { model: "vpn concentrator", scope: "ne", trust: 0.3, vendor: "cisco", version: "30003.1", }, { model: "vpn concentrator", scope: "ne", trust: 0.3, vendor: "cisco", version: "30003.0.4", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "8500", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "60007.1(2)", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "60006.3(4)", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "60005.5(13)", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "50006.3(4)", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "50005.5(13)", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "50004.5", }, { model: "catalyst 4908g-l3", scope: "ne", trust: 0.3, vendor: "cisco", version: null, }, { model: "catalyst 4840g", scope: "ne", trust: 0.3, vendor: "cisco", version: null, }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "4800", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "4200", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "40007.1(2)", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "40006.3(4)", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "40005.5(13)", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "3900", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "3550", }, { model: "catalyst xl", scope: "ne", trust: 0.3, vendor: "cisco", version: "3500", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "2950", }, { model: "catalyst 2948g-l3", scope: "ne", trust: 0.3, vendor: "cisco", version: null, }, { model: "catalyst xl", scope: "ne", trust: 0.3, vendor: "cisco", version: "2900", }, { model: "catalyst lre xl", scope: "ne", trust: 0.3, vendor: "cisco", version: "2900", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "2820", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "2800", }, { model: "catalyst", scope: "ne", trust: 0.3, vendor: "cisco", version: "1900", }, { model: "mac os", scope: "ne", trust: 0.3, vendor: "apple", version: "x10.1", }, ], sources: [ { db: "CERT/CC", id: "VU#745371", }, { db: "BID", id: "3064", }, { db: "JVNDB", id: "JVNDB-2001-000115", }, { db: "NVD", id: "CVE-2001-0554", }, { db: "CNNVD", id: "CNNVD-200108-082", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:netkit:linux_netkit:0.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:netkit:linux_netkit:0.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos:1.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:netkit:linux_netkit:0.12:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.0.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.0.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.1:stable:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.1.6.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.1.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.1.7.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.2:current:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.2.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.2.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.2.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.2.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:3.0:releng:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:3.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:3.5:stable:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:3.5.1:release:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:3.5.1:stable:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:4.0:alpha:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:4.0:releng:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:ibm:aix:4.3.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:ibm:aix:4.3.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:openbsd:openbsd:2.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sun:sunos:5.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sun:sunos:5.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sun:sunos:5.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2001-0554", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "TESO Security Advisory", sources: [ { db: "CNNVD", id: "CNNVD-200108-082", }, ], trust: 0.6, }, cve: "CVE-2001-0554", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, impactScore: 10, integrityImpact: "COMPLETE", obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Complete", baseScore: 10, confidentialityImpact: "Complete", exploitabilityScore: null, id: "CVE-2001-0554", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.9, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2001-0554", trust: 1.8, value: "HIGH", }, { author: "CARNEGIE MELLON", id: "VU#745371", trust: 0.8, value: "74.81", }, { author: "CNNVD", id: "CNNVD-200108-082", trust: 0.6, value: "CRITICAL", }, { author: "VULMON", id: "CVE-2001-0554", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "CERT/CC", id: "VU#745371", }, { db: "VULMON", id: "CVE-2001-0554", }, { db: "JVNDB", id: "JVNDB-2001-000115", }, { db: "NVD", id: "CVE-2001-0554", }, { db: "CNNVD", id: "CNNVD-200108-082", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. The telnetd program is a server for the telnet remote virtual terminal protocol. There is a remotely exploitable buffer overflow in telnet daemons derived from BSD source code. This vulnerability can crash the server, or be leveraged to gain root access. The function responsible for processing the options prepares a response within a fixed sized buffer, without performing any bounds checking. \nThis vulnerability is now being actively exploited. A worm is known to be circulating around the Internet. \nExposure:\n\n Remote root compromise through buffer handling flaws\n\nConfirmed vulnerable:\n\n Up-to-date Debian 3.0 woody (issue is Debian-specific)\n Debian netkit-telnet-ssl-0.17.24+0.1 package\n Debian netkit-telnet-ssl-0.17.17+0.1 package\n\nMitigating factors:\n\n Telnet service must be running and accessible to the attacker. \n Nowadays, telnet service presence on newly deployed Linux hosts is\n relatively low. The service is still used for LAN access from other unix\n platforms, and to host various non-shell services (such as MUDs). \n\nProblem description:\n\n Netkit telnetd implementation shipped with Debian Linux appears to be\n lacking the AYT vulnerability patch. This patch was devised by Red Hat\n (?) and incorporated into Debian packages, but later dropped. \n\n This exposes the platform to a remote root problem discovered by scut of\n TESO back in 2001 (CVE-2001-0554), as well as to other currently\n unpublished flaws associated with the old buffer handling code, and\n elliminated by the Red Hat's overhaul of buffer handling routines. \n\n Based on a review of package changelogs, my best guess is that the patch\n was accidentally dropped by Christoph Martin in December 2001, but I\n have not researched the matter any further. \n\nVendor response:\n\n I have contacted Debian security staff on August 29, and received a\n confirmation of the problem from Matt Zimmerman shortly thereafter. \n\n Since this is not a new flaw, I did not plan to release my own advisory,\n hoping they will release a DSA bulletin and fix the problem. Three weeks\n have passed, however, and Debian did not indicate any clear intent to\n release the information any time soon. They did release nine other\n advisories in the meantime, some of which were of lesser importance. \n\n As such, I believe it is a good idea to bring the problem to public\n attention, particularly since those running telnetd were and are,\n unbeknownst to them, vulnerable to existing exploits. \n\nWorkaround:\n\n Disable telnet service if not needed; manually apply Red Hat\n netkit patches, or compile the daemon from Red Hat sources. \n\n Note that netkit as such is no longer maintained by the author, and\n hence obtaining the most recent source tarball (0.17) is NOT\n sufficient. You may also examine other less popular telnetd\n implementations, but be advised that almost all are heavily based on the\n original code, and not always up-to-date with security fixes for that\n codebase. \n\n\nPS. Express your outrage: http://eprovisia.coredump.cx", sources: [ { db: "NVD", id: "CVE-2001-0554", }, { db: "CERT/CC", id: "VU#745371", }, { db: "JVNDB", id: "JVNDB-2001-000115", }, { db: "BID", id: "3064", }, { db: "VULMON", id: "CVE-2001-0554", }, { db: "PACKETSTORM", id: "34414", }, ], trust: 2.79, }, exploit_availability: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { reference: "https://vulmon.com/exploitdetails?qidtp=exploitdb&qid=21018", trust: 0.1, type: "exploit", }, ], sources: [ { db: "VULMON", id: "CVE-2001-0554", }, ], }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "BID", id: "3064", trust: 2.8, }, { db: "NVD", id: "CVE-2001-0554", trust: 2.6, }, { db: "OSVDB", id: "809", trust: 1.7, }, { db: "CERT/CC", id: "VU#745371", trust: 0.9, }, { db: "JVNDB", id: "JVNDB-2001-000115", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-200108-082", trust: 0.6, }, { db: "EXPLOIT-DB", id: "21018", trust: 0.1, }, { db: "VULMON", id: "CVE-2001-0554", trust: 0.1, }, { db: "PACKETSTORM", id: "34414", trust: 0.1, }, ], sources: [ { db: "CERT/CC", id: "VU#745371", }, { db: "VULMON", id: "CVE-2001-0554", }, { db: "BID", id: "3064", }, { db: "JVNDB", id: "JVNDB-2001-000115", }, { db: "PACKETSTORM", id: "34414", }, { db: "NVD", id: "CVE-2001-0554", }, { db: "CNNVD", id: "CNNVD-200108-082", }, ], }, id: "VAR-200108-0064", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.3056849, }, last_update_date: "2023-12-18T13:21:23.131000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Top Page", trust: 0.8, url: "http://www.ibm.com/jp/", }, { title: "Debian Security Advisories: DSA-075-1 netkit-telnet-ssl -- remote exploit", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=a05118c557d210031007d9bc57bfeb01", }, { title: "Cisco: Cisco VPN 3000 Concentrator Multiple Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20020903-vpn3k-vulnerability", }, { title: "Cisco: Cisco CatOS Telnet Buffer Vulnerability", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20020129-catos-telrcv", }, { title: "git-and-crumpets", trust: 0.1, url: "https://github.com/siddicky/git-and-crumpets ", }, { title: "DC-4-Vulnhub-Walkthrough", trust: 0.1, url: "https://github.com/vshaliii/dc-4-vulnhub-walkthrough ", }, { title: "DC-2-Vulnhub-Walkthrough", trust: 0.1, url: "https://github.com/vshaliii/dc-2-vulnhub-walkthrough ", }, { title: "DC-1-Vulnhub-Walkthrough", trust: 0.1, url: "https://github.com/vshaliii/dc-1-vulnhub-walkthrough ", }, { title: "Basic-Pentesting-2", trust: 0.1, url: "https://github.com/vshaliii/basic-pentesting-2 ", }, ], sources: [ { db: "VULMON", id: "CVE-2001-0554", }, { db: "JVNDB", id: "JVNDB-2001-000115", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-120", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2001-0554", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.8, url: "http://www.cert.org/advisories/ca-2001-21.html", }, { trust: 2.5, url: "http://www.securityfocus.com/bid/3064", }, { trust: 2, url: "http://www.cisco.com/warp/public/707/catos-telrcv-vuln-pub.shtml", }, { trust: 1.9, url: "ftp://ftp.freebsd.org/pub/freebsd/cert/advisories/freebsd-sa-01:49.telnetd.asc", }, { trust: 1.7, url: "http://www.securityfocus.com/archive/1/197804", }, { trust: 1.7, url: "http://online.securityfocus.com/archive/1/199496", }, { trust: 1.7, url: "http://online.securityfocus.com/archive/1/203000", }, { trust: 1.7, url: "http://online.securityfocus.com/archive/1/199541", }, { trust: 1.7, url: "http://www.ciac.org/ciac/bulletins/l-131.shtml", }, { trust: 1.7, url: "http://www.calderasystems.com/support/security/advisories/cssa-2001-030.0.txt", }, { trust: 1.7, url: "http://ftp.support.compaq.com/patches/.new/html/ssrt0745u.shtml", }, { trust: 1.7, url: "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000413", }, { trust: 1.7, url: "http://www.debian.org/security/2001/dsa-070", }, { trust: 1.7, url: "http://www.debian.org/security/2001/dsa-075", }, { trust: 1.7, url: "http://archives.neohapsis.com/archives/hp/2001-q4/0014.html", }, { trust: 1.7, url: "http://online.securityfocus.com/advisories/3476", }, { trust: 1.7, url: "http://www.linux-mandrake.com/en/security/2001/mdksa-2001-068.php3", }, { trust: 1.7, url: "http://www.redhat.com/support/errata/rhsa-2001-099.html", }, { trust: 1.7, url: "http://www.redhat.com/support/errata/rhsa-2001-100.html", }, { trust: 1.7, url: "http://www.novell.com/linux/security/advisories/2001_029_nkitb_txt.html", }, { trust: 1.7, url: "http://www.osvdb.org/809", }, { trust: 1.7, url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/6875", }, { trust: 1.1, url: "ftp://stage.caldera.com/pub/security/openserver/cssa-2001-sco.10/cssa-2001-sco.10.txt", }, { trust: 1.1, url: "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2001-012.txt.asc", }, { trust: 1.1, url: "ftp://patches.sgi.com/support/free/security/advisories/20010801-01-p", }, { trust: 0.8, url: "http://www.team-teso.net/advisories/teso-advisory-011.tar.gz", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2001-0554", }, { trust: 0.8, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2001-0554", }, { trust: 0.3, url: "/archive/1/375743", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/.html", }, { trust: 0.1, url: "https://www.debian.org/security/./dsa-075", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://www.exploit-db.com/exploits/21018/", }, { trust: 0.1, url: "https://www.kb.cert.org/vuls/id/745371", }, { trust: 0.1, url: "http://eprovisia.coredump.cx.", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2001-0554", }, ], sources: [ { db: "CERT/CC", id: "VU#745371", }, { db: "VULMON", id: "CVE-2001-0554", }, { db: "BID", id: "3064", }, { db: "JVNDB", id: "JVNDB-2001-000115", }, { db: "PACKETSTORM", id: "34414", }, { db: "NVD", id: "CVE-2001-0554", }, { db: "CNNVD", id: "CNNVD-200108-082", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CERT/CC", id: "VU#745371", }, { db: "VULMON", id: "CVE-2001-0554", }, { db: "BID", id: "3064", }, { db: "JVNDB", id: "JVNDB-2001-000115", }, { db: "PACKETSTORM", id: "34414", }, { db: "NVD", id: "CVE-2001-0554", }, { db: "CNNVD", id: "CNNVD-200108-082", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2001-07-24T00:00:00", db: "CERT/CC", id: "VU#745371", }, { date: "2001-08-14T00:00:00", db: "VULMON", id: "CVE-2001-0554", }, { date: "2001-07-18T00:00:00", db: "BID", id: "3064", }, { date: "2007-04-01T00:00:00", db: "JVNDB", id: "JVNDB-2001-000115", }, { date: "2004-09-21T08:00:52", db: "PACKETSTORM", id: "34414", }, { date: "2001-08-14T04:00:00", db: "NVD", id: "CVE-2001-0554", }, { date: "2001-07-18T00:00:00", db: "CNNVD", id: "CNNVD-200108-082", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2002-04-16T00:00:00", db: "CERT/CC", id: "VU#745371", }, { date: "2020-01-21T00:00:00", db: "VULMON", id: "CVE-2001-0554", }, { date: "2001-07-18T00:00:00", db: "BID", id: "3064", }, { date: "2007-04-01T00:00:00", db: "JVNDB", id: "JVNDB-2001-000115", }, { date: "2022-01-21T14:48:42.473000", db: "NVD", id: "CVE-2001-0554", }, { date: "2022-01-24T00:00:00", db: "CNNVD", id: "CNNVD-200108-082", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "34414", }, { db: "CNNVD", id: "CNNVD-200108-082", }, ], trust: 0.7, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vendor telnet daemons vulnerable to buffer overflow via crafted protocol options", sources: [ { db: "CERT/CC", id: "VU#745371", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "other", sources: [ { db: "CNNVD", id: "CNNVD-200108-082", }, ], trust: 0.6, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.