Vulnerabilities > GNU > Inetutils
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-14 | CVE-2023-40303 | Unchecked Return Value vulnerability in GNU Inetutils GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. | 7.8 |
| 2022-08-30 | CVE-2022-39028 | NULL Pointer Dereference vulnerability in multiple products telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. | 7.5 |
| 2021-09-03 | CVE-2021-40491 | Insufficient Verification of Data Authenticity vulnerability in multiple products The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. | 6.5 |