VDB
CVE-2001-0554
CVE-2001-0554
PUBLISHED
CVSS 10 CRITICAL
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
EPSS 16.67% · 95.1th percentile
Risk Scores
CVSS 2.0
10
EPSS Score
16.67%
95.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| netkit | linux_netkit | 0.12, 0.11, 0.10 |
| debian | debian_linux | 2.2 |
| sun | sunos | 5.3, 5.8, 5.0 |
| sgi | irix | 6.5 |
| sun | solaris | 2.6 |
| ibm | aix | 4.3.3, 4.3.2, 5.1 |
| openbsd | openbsd | 2.8, 2.3, 2.4 |
| mit | kerberos | 1.0 |
| mit | kerberos_5 | 1.1, 1.1.1, 1.2.2 |
| freebsd | freebsd | 3.0, 2.2.2, 4.2 |
| netbsd | netbsd | 1.5, 1.5.1, 1.4.3 |
Exploit Intelligence
- http://www.securityfocus.com/archive/1/197804 (vulncheck-nvd)
- http://www.securityfocus.com/bid/3064 (vulncheck-nvd)
- CLA-2001:413 (circl)
- MDKSA-2001:068 (circl)
- L-131 (circl)
- SSRT0745U (circl)
- telnetd-option-telrcv-bo(6875) (circl)
- 809 (circl)
- MSS-OAR-E01-2001:298 (circl)
- 20010725 Telnetd AYT overflow scanner (circl)
…and 18 more exploits
Timeline
- Jul 18, 2001 CVE Published
- Jul 18, 2001 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 27, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 26, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- CLA-2001:413 vendor-advisory
- MDKSA-2001:068 vendor-advisory
- L-131 third-party-advisory
- SSRT0745U vendor-advisory
- telnetd-option-telrcv-bo(6875) vdb
- 809 vdb
- MSS-OAR-E01-2001:298 vendor-advisory
- 20010725 Telnetd AYT overflow scanner mailing-list
- 20010810 ADV/EXP: netkit <=0.17 in.telnetd remote buffer overflow mailing-list
- 3064 vdb
- RHSA-2001:100 vendor-advisory
- SuSE-SA:2001:029 vendor-advisory
- CSSA-2001-SCO.10 vendor-advisory
- RHSA-2001:099 vendor-advisory
- 20020129 Cisco CatOS Telnet Buffer Vulnerability vendor-advisory
- HPSBUX0110-172 vendor-advisory
- DSA-075 vendor-advisory
- 20010718 multiple vendor telnet daemon vulnerability mailing-list
- CA-2001-21 third-party-advisory
- FreeBSD-SA-01:49 vendor-advisory
…and 6 more