netkit telnetd nextitem vulnerability
Added: 03/24/2020Background
netkit telnetd is a server implementation of the Telnet protocol which comes with many Linux and Unix operating systems.Problem
An unbounded read and write condition in the nextitem function allows remote attackers to execute arbitrary commands on the server.Resolution
Apply a fix from the operating system vendor when available or disable the Telnet service.References
https://appgateresearch.blogspot.com/2020/02/bravestarr-fedora-31-netkit-telnetd_28.htmlLimitations
Exploit works on Fedora 31 netkit-telnet-0.17 with SELinux disabled.Platforms
LinuxBack to exploit index