Linux Netkit 0.17

CPE Details

Linux Netkit 0.17
netkit
netkit
0.17
2007-08-23
19h16 +00:00
2008-04-01
14h13 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:netkit:netkit:0.17:*:*:*:*:*:*:*

Informations

Vendor

netkit

Product

netkit

Version

0.17

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2019-7282 2019-01-31 17h00 +00:00 In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685.
5.9
Medium
CVE-2019-7283 2019-01-31 17h00 +00:00 An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned. A malicious rsh server (or Man-in-The-Middle attacker) can overwrite arbitrary files in a directory on the rcp client machine. This is similar to CVE-2019-6111.
7.4
High
CVE-2006-6008 2006-11-21 23h00 +00:00 ftpd in Linux Netkit (linux-ftpd) 0.17, and possibly other versions, does not check the return status of certain seteuid, setgid, and setuid calls, which might allow remote authenticated users to gain privileges if these calls fail in cases such as PAM failures or resource limits, a different vulnerability than CVE-2006-5778.
6.5