Intrusion PreventionNetkit.Telnetd.IAC.Buffer.Overflow
Description
This indicates an attack attempt to exploit a Buffer Overflow Vulnerability in netclear and nextitem functions for Netkit telnetd 0.17.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted packet. It allows a remote attacker to execute arbitrary code.
Affected Products
Netkit telnetd up to 0.17
PAN-OS 8.1 versions earlier than 8.1.20
PAN-OS 9.0 versions earlier than 9.0.14
PAN-OS 9.1 versions earlier than 9.1.9
PAN-OS 10.0 versions earlier than 10.0.6
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://security.paloaltonetworks.com/CVE-2020-10188
For Fedora 30 operating system, please update telnet-server to 0.17-77.fc30:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K3VJ6V2Z3JRNJOBVHSOPMAC76PSSKG6A/
For Fedora 31 operating system, please update telnet-server to 0.17-78.fc31:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7FMTRRQTYKWZD2GMXX3GLZV46OLPCLVK/
For Fedora 32 operating system, please update telnet-server to 0.17-79.fc32
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLU6FL24BSQQEB2SJC26NLJ2MANQDA7M/
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2020-05-06 | 15.838 | Default_action:pass:drop |
| 2020-05-06 | 15.837 | Default_action:drop:pass |
| 2020-05-06 | 15.836 | Default_action:pass:drop |
| 2020-04-27 | 15.828 |
| ID | 48941 |
| Created | Apr 27, 2020 |
| Updated | Apr 10, 2024 |
| Risk |
|
| CVE ID | CVE-2020-10188 |
| Exploit Prediction Score | 83.25% |
| Default Action | drop |
| Active | |
| Affected OS | Linux |
| Affected App | Other |