Vulnerabilities > CVE-2004-0640

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

netkit

ssltelnetd

critical

nessus

NVD

Published: 2004-08-06

Updated: 2017-07-11

Summary

Format string vulnerability in the SSL_set_verify function in telnetd.c for SSLtelnet daemon (SSLtelnetd) 0.13 allows remote attackers to execute arbitrary code.

Vulnerable Configurations

Part	Description	Count
Application	Netkit Netkit Linux Netkit 0.17 Netkit Linux Netkit 0.17.17	2
Application	Ssltelnetd Ssltelnetd Secure Telnet 0.13.1	1

Nessus

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-529.NASL
description	'b0f
last seen	2020-06-01
modified	2020-06-02
plugin id	15366
published	2004-09-29
reporter	This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/15366
title	Debian DSA-529-1 : netkit-telnet-ssl - format string

NASL family	FreeBSD Local Security Checks
NASL id	FREEBSD_SSLTELNET_0131.NASL
description	SSLtelnet contains a format string vulnerability that could allow remote code execution and privilege escalation.
last seen	2020-06-01
modified	2020-06-02
plugin id	12617
published	2004-07-06
reporter	This script is Copyright (C) 2004-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/12617
title	FreeBSD : Format string vulnerability in SSLtelnet (4aec9d58-ce7b-11d8-858d-000d610a3b12)

Vulnerabilities > CVE-2004-0640 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2004-0640"}]}

Summary

Vulnerable Configurations

Nessus

References

Vulnerabilities > CVE-2004-0640