Search for vulnerabilities
Vulnerability details: VCID-hn8t-rcgv-aaae
Vulnerability ID VCID-hn8t-rcgv-aaae
Aliases CVE-2005-0468
Summary Heap-based buffer overflow in the env_opt_add function in telnet.c for various BSD-based Telnet clients allows remote attackers to execute arbitrary code via responses that contain a large number of characters that require escaping, which consumers more memory than allocated.
Status Published
Exploitability 2.0
Weighted Severity 8.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
rhas Important https://access.redhat.com/errata/RHSA-2005:327
rhas Important https://access.redhat.com/errata/RHSA-2005:330
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.52464 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.57681 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.93760 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.93760 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.93760 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.93760 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.93760 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.93760 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.93760 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.93760 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.93760 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.93760 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.95382 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
epss 0.95382 https://api.first.org/data/v1/epss?cve=CVE-2005-0468
rhbs high https://bugzilla.redhat.com/show_bug.cgi?id=1617527
cvssv2 7.5 https://nvd.nist.gov/vuln/detail/CVE-2005-0468
Reference id Reference type URL
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:01.telnet.asc
ftp://patches.sgi.com/support/free/security/advisories/20050405-01-P
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000962
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0468.json
https://api.first.org/data/v1/epss?cve=CVE-2005-0468
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0468
http://secunia.com/advisories/14745
http://secunia.com/advisories/17899
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9640
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-001-telnet.txt
http://www.debian.de/security/2005/dsa-731
http://www.debian.org/security/2005/dsa-703
http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities
http://www.kb.cert.org/vuls/id/341908
http://www.mandriva.com/security/advisories?name=MDKSA-2005:061
http://www.redhat.com/support/errata/RHSA-2005-327.html
http://www.redhat.com/support/errata/RHSA-2005-330.html
http://www.securityfocus.com/bid/12919
http://www.ubuntulinux.org/usn/usn-224-1
1617527 https://bugzilla.redhat.com/show_bug.cgi?id=1617527
306141 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=306141
cpe:2.3:a:ncsa:telnet:c:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ncsa:telnet:c:*:*:*:*:*:*:*
CVE-2005-0468 https://nvd.nist.gov/vuln/detail/CVE-2005-0468
CVE-2005-0468;OSVDB-15093 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/25303.txt
CVE-2005-0468;OSVDB-15093 Exploit https://www.securityfocus.com/bid/12919/info
RHSA-2005:327 https://access.redhat.com/errata/RHSA-2005:327
RHSA-2005:330 https://access.redhat.com/errata/RHSA-2005:330
Data source Exploit-DB
Date added March 28, 2005
Description Multiple Vendor Telnet Client - Env_opt_add Heap Buffer Overflow
Ransomware campaign use Known
Source publication date March 28, 2005
Exploit type dos
Platform linux
Source update date May 8, 2013
Source URL https://www.securityfocus.com/bid/12919/info
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2005-0468
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.97707
EPSS Score 0.52464
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.