CVE-2002-0332

Xtell - Buffer Overflow

Title source: rule

Description

Buffer overflows in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to execute arbitrary code via (1) a long DNS hostname that is determined using reverse DNS lookups, (2) a long AUTH string, or (3) certain data in the xtell request.

Exploits (1)

exploitdb WORKING POC VERIFIED

by spybreak · cremotelinux

https://www.exploit-db.com/exploits/21309

View Code ZIP pw:eip

References (4)

[Mailing List] http://marc.info/?l=bugtraq&m=101494896516467&w=2

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/4193

[Patch, Vendor Advisory] http://www.debian.org/security/2002/dsa-121

[Third Party Advisory] http://www.iss.net/security_center/static/8312.php

Scores

EPSS 0.1359

EPSS Percentile 94.3%

Details

Status published

Products (2)

xtell/xtell 1.91.1

xtell/xtell 2.6.1

Published Jun 25, 2002

Tracked Since Feb 18, 2026