CVE-2019-0053 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	Yes
Type	Arbitrary code execution
Description	inetutils before version 1.9.4.90 contains a stack overflow vulnerability in the client-side environment variable handling which can be exploited to escape restricted shells on embedded devices. A stack-based overflow is present in the handling of environment variables when connecting telnet.c to remote telnet servers through oversized DISPLAY arguments.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1003	inetutils	1.9.4-9	2.0-1	High	Fixed	FS#70040

Date	Advisory	Group	Package	Severity	Type
09 Jun 2021	ASA-202106-20	AVG-1003	inetutils	High	arbitrary code execution

References
https://raw.githubusercontent.com/hackerhouse-opensource/exploits/master/inetutils-telnet.txt https://git.savannah.gnu.org/gitweb/?p=inetutils.git;a=commitdiff;h=1480573a908254662074865406ac6fbde4694e5d https://git.savannah.gnu.org/gitweb/?p=inetutils.git;a=commitdiff;h=07fdb4201a3a5e6df92c0929c65671ce4ba8af5a

References

https://raw.githubusercontent.com/hackerhouse-opensource/exploits/master/inetutils-telnet.txt
https://git.savannah.gnu.org/gitweb/?p=inetutils.git;a=commitdiff;h=1480573a908254662074865406ac6fbde4694e5d
https://git.savannah.gnu.org/gitweb/?p=inetutils.git;a=commitdiff;h=07fdb4201a3a5e6df92c0929c65671ce4ba8af5a