This page aggregates publicly disclosed CVE and security risk information related to xtell, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2002-0334 | xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows local users to modify files via a symlink attack on the .xtell-log file. | [email protected] | 2.1 | 0.19% | 2002-06-25 | 2026-04-16 |
| CVE-2002-0333 | Directory traversal vulnerability in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to read files with short names, and local users to read more files using a symlink with a short name, via a .. in the TTY argument. | [email protected] | 5.0 | 2.77% | 2002-06-25 | 2026-04-16 |
| CVE-2002-0332 | Buffer overflows in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to execute arbitrary code via (1) a long DNS hostname that is determined using reverse DNS lookups, (2) a long AUTH string, or (3) certain data in the xtell request. | [email protected] | 7.5 | 13.59% | 2002-06-25 | 2026-04-16 |