This page lists publicly disclosed CVE vulnerabilities affecting ncsa telnet (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2005-0469 | Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands. | [email protected] | 7.5 | 47.82% | 2005-05-02 | 2026-04-16 |
| CVE-2005-0468 | Heap-based buffer overflow in the env_opt_add function in telnet.c for various BSD-based Telnet clients allows remote attackers to execute arbitrary code via responses that contain a large number of characters that require escaping, which consumers more memory than allocated. | [email protected] | 7.5 | 58.54% | 2005-05-02 | 2026-04-16 |
| CVE-1999-1090 | The default configuration of NCSA Telnet package for Macintosh and PC enables FTP, even though it does not include an "ftp=yes" line, which allows remote attackers to read and modify arbitrary files. | [email protected] | 7.5 | 0.72% | 1991-09-10 | 2026-04-16 |