CVE Vulnerabilities

CVE-2000-0733

Published: Oct 20, 2000 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request.

Affected Software

Name Vendor Start Version End Version
Irix Sgi 5.2 5.2
Irix Sgi 5.3 5.3
Irix Sgi 5.3 5.3
Irix Sgi 6.0 6.0
Irix Sgi 6.0.1 6.0.1
Irix Sgi 6.0.1 6.0.1
Irix Sgi 6.1 6.1
Irix Sgi 6.2 6.2
Irix Sgi 6.3 6.3
Irix Sgi 6.4 6.4
Irix Sgi 6.5 6.5
Irix Sgi 6.5.1 6.5.1
Irix Sgi 6.5.2m 6.5.2m
Irix Sgi 6.5.3 6.5.3
Irix Sgi 6.5.3f 6.5.3f
Irix Sgi 6.5.3m 6.5.3m
Irix Sgi 6.5.4 6.5.4
Irix Sgi 6.5.6 6.5.6
Irix Sgi 6.5.7 6.5.7
Irix Sgi 6.5.8 6.5.8

References