netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CV

An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent t

In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename

ftpd in Linux Netkit (linux-ftpd) 0.17, and possibly other versions, does not check the return status of certain seteuid, setgid,

Race condition in the setsid function in Linux before 2.6.8.1 allows local users to cause a denial of service (crash) and possibly

telnetd for netkit 0.17 and earlier, and possibly other versions, on Debian GNU/Linux allows remote attackers to cause a denial of

Format string vulnerability in the SSL_set_verify function in telnetd.c for SSLtelnet daemon (SSLtelnetd) 0.13 allows remote attac

Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary comma

Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges.