Netkit Netkit

  1. Vendors
  2. Netkit

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in any Netkit product.

RSS Feeds for Netkit security vulnerabilities

Create a CVE RSS feed including security vulnerabilities found in Netkit products with stack.watch. Just hit watch, then grab your custom RSS feed url.

Products by Netkit Sorted by Most Security Vulnerabilities since 2018

Netkit3 vulnerabilities

Linux Netkit1 vulnerability

By the Year

In 2025 there have been 0 vulnerabilities in Netkit. Netkit did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2025 0 0.00
2024 0 0.00
2023 1 9.80
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 2 6.65
2018 0 0.00

It may take a day or so for new Netkit vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Netkit Security Vulnerabilities

netkit-rcp in rsh-client 0.17-24

CVE-2023-38336 9.8 - Critical - July 14, 2023

netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778.

Command Injection

In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of

CVE-2019-7282 5.9 - Medium - January 31, 2019

In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685.

An issue was discovered in rcp in NetKit through 0.17

CVE-2019-7283 7.4 - High - January 31, 2019

An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned. A malicious rsh server (or Man-in-The-Middle attacker) can overwrite arbitrary files in a directory on the rcp client machine. This is similar to CVE-2019-6111.

Buffer overflow in BSD-based telnetd telnet daemon on various operating systems

CVE-2001-0554 - August 14, 2001

Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.

Classic Buffer Overflow

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD). Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.