Description
utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| n/a | n/a | affected |
|
Configuration 1 [-]
|
Configuration 2 [-]
|
Configuration 3 [-]
|
Configuration 4 [-]
|
Configuration 5 [-]
|
Configuration 6 [-]
|
| Package | CPE | Advisory | Released Date |
|---|---|---|---|
| Red Hat Enterprise Linux 6 | |||
| telnet-1:0.17-49.el6_10 | cpe:/o:redhat:enterprise_linux:6 | RHSA-2020:1335 | 2020-04-06T00:00:00Z |
| krb5-appl-0:1.0.1-10.el6_10 | cpe:/o:redhat:enterprise_linux:6 | RHSA-2020:1349 | 2020-04-07T00:00:00Z |
| Red Hat Enterprise Linux 7 | |||
| telnet-1:0.17-65.el7_8 | cpe:/o:redhat:enterprise_linux:7 | RHSA-2020:1334 | 2020-04-06T00:00:00Z |
| Red Hat Enterprise Linux 7.6 Advanced Update Support(Disable again in 2026 - SPRHEL-7118) | |||
| telnet-1:0.17-65.el7_6 | cpe:/o:redhat:rhel_aus:7.6 | RHSA-2022:0011 | 2022-01-04T00:00:00Z |
| Red Hat Enterprise Linux 7.6 Telco Extended Update Support | |||
| telnet-1:0.17-65.el7_6 | cpe:/o:redhat:rhel_tus:7.6 | RHSA-2022:0011 | 2022-01-04T00:00:00Z |
| Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions | |||
| telnet-1:0.17-65.el7_6 | cpe:/o:redhat:rhel_e4s:7.6 | RHSA-2022:0011 | 2022-01-04T00:00:00Z |
| Red Hat Enterprise Linux 7.7 Advanced Update Support | |||
| telnet-1:0.17-65.el7_7 | cpe:/o:redhat:rhel_aus:7.7 | RHSA-2022:0158 | 2022-01-18T00:00:00Z |
| Red Hat Enterprise Linux 7.7 Telco Extended Update Support | |||
| telnet-1:0.17-65.el7_7 | cpe:/o:redhat:rhel_tus:7.7 | RHSA-2022:0158 | 2022-01-18T00:00:00Z |
| Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions | |||
| telnet-1:0.17-65.el7_7 | cpe:/o:redhat:rhel_e4s:7.7 | RHSA-2022:0158 | 2022-01-18T00:00:00Z |
| Red Hat Enterprise Linux 8 | |||
| telnet-1:0.17-73.el8_1.1 | cpe:/a:redhat:enterprise_linux:8 | RHSA-2020:1318 | 2020-04-06T00:00:00Z |
| Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions | |||
| telnet-1:0.17-73.el8_0.1 | cpe:/a:redhat:rhel_e4s:8.0 | RHSA-2020:1342 | 2020-04-07T00:00:00Z |
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 Debian DLA |
DLA-2176-1 | inetutils security update |
| Debian DLA |
DLA-2341-1 | inetutils security update |
 EUVD |
EUVD-2020-2649 | utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions. |
 Ubuntu USN |
USN-5048-1 | Inetutils vulnerability |
| Ubuntu USN |
USN-5048-2 | Inetutils vulnerability |
| Ubuntu USN |
USN-7781-1 | Inetutils vulnerabilities |
References
History
Wed, 21 Jan 2026 02:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Subscriptions
Arista
Subscribe
Eos
Subscribe
Debian
Subscribe
Debian Linux
Subscribe
Fedoraproject
Subscribe
Fedora
Subscribe
Juniper
Subscribe
Junos
Subscribe
Netkit Telnet Project
Subscribe
Netkit Telnet
Subscribe
Oracle
Subscribe
Communications Performance Intelligence Center
Subscribe
Redhat
Subscribe
Enterprise Linux
Subscribe
Rhel Aus
Subscribe
Rhel E4s
Subscribe
Rhel Tus
Subscribe
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2026-01-21T01:32:48.733Z
Reserved: 2020-03-06T00:00:00.000Z
Link: CVE-2020-10188
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-03-06T15:15:14.020
Modified: 2026-01-21T02:15:47.930
Link: CVE-2020-10188
Redhat
OpenCVE Enrichment
No data.