VDB
CVE-2005-0468
CVE-2005-0468
PUBLISHED
CVSS 7.5 HIGH
Heap-based buffer overflow in the env_opt_add function in telnet.c for various BSD-based Telnet clients allows remote attackers to execute arbitrary code via responses that contain a large number of characters that require escaping, which consumers more memory than allocated.
EPSS 58.54% · 98.2th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
58.54%
98.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ncsa | telnet | c |
| n/a | n/a | n/a |
Timeline
- Mar 28, 2005 CVE Published
- Mar 28, 2005 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- DSA-731 vendor-advisory
- 20050405-01-P vendor-advisory
- USN-224-1 vendor-advisory
- http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-001-telnet.txt url
- VU#341908 third-party-advisory
- 57755 vendor-advisory
- 12919 vdb
- CLA-2005:962 vendor-advisory
- DSA-703 vendor-advisory
- 101665 vendor-advisory
- MDKSA-2005:061 vendor-advisory
- oval:org.mitre.oval:def:9640 vdb
- 14745 third-party-advisory
- RHSA-2005:327 vendor-advisory
- FreeBSD-SA-05:01.telnet vendor-advisory
- RHSA-2005:330 vendor-advisory
- 57761 vendor-advisory
- 20050328 Multiple Telnet Client env_opt_add() Buffer Overflow Vulnerability third-party-advisory
- 101671 vendor-advisory
- 17899 third-party-advisory
…and 1 more