
cpe:2.3:a:gnu:inetutils:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor: Gnu (575dd98a-a14a-5d9e-a2eb-97d38d86fcb9)
Product: Inetutils (5a020820-79bd-5cd7-8715-8e815dcf5e6b)
Edition: *
Language: *
Software edition: *
Target software: *
Target hardware: *
Other: *
Notes: Imported from purl2cpe mapping

PURL mappings

PURL | Source | Last updated
pkg:deb/debian/inetutils | purl2cpe | 2026-06-01 10:11:55.601459
pkg:deb/ubuntu/inetutils | purl2cpe | 2026-06-01 10:11:55.601462
pkg:github/distrotech/inetutils | purl2cpe | 2026-06-01 10:11:55.601465
pkg:github/gnu-mirror-unofficial/inetutils | purl2cpe | 2026-06-01 10:11:55.601467
pkg:github/qunixorg/inetutils | purl2cpe | 2026-06-01 10:11:55.601470
pkg:gnu/inetutils | purl2cpe | 2026-06-01 10:11:55.601473

Vulnerability references

Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale
CVE:CVE-2026-32772 vulnerable 2026-06-03 15:20:43.718897 Details available
LOW (3.4)
telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR.
Published: 2026-03-13T21:01:17.782Z
Updated: 2026-03-16T17:02:16.817Z
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2026-32746 vulnerable 2026-06-03 15:20:43.677671 Details available
CRITICAL (9.8)
telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full.
Published: 2026-03-13T17:15:14.876Z
Updated: 2026-03-23T13:13:55.238Z
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2026-28372 vulnerable 2026-06-03 15:18:08.331758 Details available
HIGH (7.4)
telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALS_DIRECTORY environment variable, and requires an unprivileged local user to create a login.noauth file.
Published: 2026-02-27T05:28:17.383Z
Updated: 2026-03-07T17:05:13.869Z
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2026-24061 vulnerable 2026-06-03 15:16:51.302992 Details available
CRITICAL (9.8)
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.
Published: 2026-01-21T06:42:17.134Z
Updated: 2026-03-25T13:31:53.588Z
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-40303 vulnerable 2026-06-03 14:52:43.331965 Details available
GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary user control the activities of the process.
Published: 2023-08-14T00:00:00.000Z
Updated: 2024-08-02T18:31:53.432Z
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-39028 vulnerable 2026-06-03 14:47:50.712267 Details available
telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain available through inetd. However, if the telnetd application has many crashes within a short time interval, the telnet service would become unavailable after inetd logs a "telnet/tcp server failing (looping), service terminated" error. NOTE: MIT krb5-appl is not supported upstream but is shipped by a few Linux distributions. The affected code was removed from the supported MIT Kerberos 5 (aka krb5) product many years ago, at version 1.8.
Published: 2022-08-30T00:00:00.000Z
Updated: 2024-08-03T11:10:32.472Z
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-40491 vulnerable 2026-06-03 14:45:24.120499 Details available
The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl.
Published: 2021-09-03T00:00:00.000Z
Updated: 2024-08-04T02:44:10.353Z
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2011-4862 vulnerable 2026-06-03 14:31:26.565622 Details available
Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.
Published: 2011-12-25T01:00:00.000Z
Updated: 2024-08-07T00:16:35.035Z
Imported from gcve-enriched-dumps CVE data
