CCE-95625-0| Platform: cpe:/o:debian:debian_linux:11.x, cpe:/o:ubuntu:ubuntu_linux:16.04, cpe:/o:ubuntu:ubuntu_linux:18.04, cpe:/o:ubuntu:ubuntu_linux:20.04, cpe:/o:ubuntu:ubuntu_linux:22.04, cpe:/o:ubuntu:ubuntu_linux:23.04 | Date: (C)2021-03-08 (M)2023-12-01 |
The telnet package contains the telnet client, which allows users to start connections to other systems via the telnet protocol.
Rationale:
The telnet protocol is insecure and unencrypted. The use of an unencrypted transmission medium could allow an unauthorized user to steal credentials. The ssh package provides an encrypted session and stronger security and is included in most Linux distributions.
Fix:
Run the following command to uninstall telnet: apt remove telnet
Parameter:
[yes/no]
Technical Mechanism:
Run the following command to uninstall telnet: apt remove telnet
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 8.8 | Attack Vector: NETWORK |
| Exploit Score: 2.8 | Attack Complexity: LOW |
| Impact Score: 5.9 | Privileges Required: LOW |
| Severity: HIGH | User Interaction: NONE |
| Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| | Confidentiality: HIGH |
| | Integrity: HIGH |
| | Availability: HIGH |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:92372 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:70760 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:70670 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:87353 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:85204 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:68678 |
