Package: inetutils-telnetd Severity: critical Tags: security Justification: root security hole
Looking in https://security-tracker.debian.org/tracker/CVE-2020-10188 : utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions. Seems to me that inetutils contains the same (vulnerable) utility.c functions. Please check. Cheers, Paul Paul Szabo p...@maths.usyd.edu.au www.maths.usyd.edu.au/u/psz School of Mathematics and Statistics University of Sydney Australia
