Detections
Analytics

GLSA-202601-01 : inetutils: Remote Code Execution

critical Nessus Plugin ID 296594

Description

The remote host is affected by the vulnerability described in GLSA-202601-01 (inetutils: Remote Code Execution)

 The telnetd server invokes /usr/bin/login (normally running as root) passing the value of the USER environment variable received from the client as the last parameter.

 If the client supply a carefully crafted USER environment value being the string -f root, and passes the telnet(1) -a or --login parameter to send this USER environment to the server, the client will be automatically logged in as root bypassing normal authentication processes.

 This happens because the telnetd server do not sanitize the USER environment variable before passing it on to login(1), and login(1) uses the -f parameter to by-pass normal authentication.

Tenable has extracted the preceding description block directly from the Gentoo Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

All inetutils users with the telnetd USE flag enabled should upgrade to the latest version:

 # emerge --sync # emerge --ask --oneshot --verbose >=net-misc/inetutils-2.7

See Also

https://security.gentoo.org/glsa/202601-01

https://bugs.gentoo.org/show_bug.cgi?id=969065

Plugin Details

Severity: Critical

ID: 296594

File Name: gentoo_GLSA-202601-01.nasl

Version: 1.2

Type: local

Published: 1/26/2026

Updated: 1/26/2026

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.0

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2026-24061

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:gentoo:linux:inetutils, cpe:/o:gentoo:linux

Required KB Items: Host/local_checks_enabled, Host/Gentoo/release, Host/Gentoo/qpkg-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/26/2026

Vulnerability Publication Date: 1/21/2026

CISA Known Exploited Vulnerability Due Dates: 2/16/2026

Reference Information

CVE: CVE-2026-24061