CVSS: 10.0EPSS: 4%CPEs: 1EXPL: 1CVE-2023-38336
https://notcve.org/view.php?id=CVE-2023-38336
14 Jul 2023 — netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778. • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039689 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 1CVE-2019-7283
https://notcve.org/view.php?id=CVE-2019-7283
31 Jan 2019 — An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned. A malicious rsh server (or Man-in-The-Middle attacker) can overwrite arbitrary files in a directory on the rcp client machine. This is similar to CVE-2019-6111. • https://bugs.debian.org/920486 •
CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 1CVE-2019-7282 – Ubuntu Security Notice USN-5327-1
https://notcve.org/view.php?id=CVE-2019-7282
31 Jan 2019 — In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685. En NetKit hasta la versión 0.17, rcp.c en el cliente rcp permite que los servidores rsh omitan las restricciones de acceso planeadas mediante un nombre de archivo "." o un nombre de archivo vacío. El impacto consiste en modificar los pe... • https://bugs.debian.org/920486 •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2006-6008
https://notcve.org/view.php?id=CVE-2006-6008
21 Nov 2006 — ftpd in Linux Netkit (linux-ftpd) 0.17, and possibly other versions, does not check the return status of certain seteuid, setgid, and setuid calls, which might allow remote authenticated users to gain privileges if these calls fail in cases such as PAM failures or resource limits, a different vulnerability than CVE-2006-5778. ftpd en Linux Netkit (linux-ftpd) 0.17, y posiblemente otras versiones, no comprueba el estado que retornan ciertas llamadas a seteuid, setgid, y setuid, lo cual permite a usuarios rem... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=384454 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2004-0911
https://notcve.org/view.php?id=CVE-2004-0911
28 Sep 2004 — telnetd for netkit 0.17 and earlier, and possibly other versions, on Debian GNU/Linux allows remote attackers to cause a denial of service (free of an invalid pointer), a different vulnerability than CVE-2001-0554. telnetd de netkit 0.17 y anteriores y posiblemente otras versiones, en Debian GNU/Linux, permite a atacantes remotos causar una denegación de servicio (liberación de puntero no válido), una vulnerabilidad distinta de CVE-2001-0554. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=273694 •
CVSS: 10.0EPSS: 1%CPEs: 7EXPL: 0CVE-1999-0048
https://notcve.org/view.php?id=CVE-1999-0048
27 Jan 1997 — Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges. • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/147 •