PT-2002-1008 · Debian · Xtell
Published 2002-05-03 · Updated 2016-10-18 · CVE-2002-0332
CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
xtell versions 1.91.1 and earlier
xtell versions 2.x before 2.7
Description
The issue concerns multiple vulnerabilities in the xtell package of the Debian GNU/Linux operating system, which can be exploited remotely to compromise the confidentiality, integrity, and availability of protected information. Specifically, buffer overflows in xtell can allow remote attackers to execute arbitrary code via a long DNS hostname determined using reverse DNS lookups, a long AUTH string, or certain data in the xtell request.
Recommendations
For versions 1.91.1 and earlier, update to a version later than 1.91.1 to resolve the issue.
For versions 2.x before 2.7, update to version 2.7 or later to resolve the issue.
As a temporary workaround, consider restricting access to the xtell service to minimize the risk of exploitation.
Affected Products
Xtell