buffer overflow in telnetd
Hi all,

is any SuSE distribution (maybe older than 6.4?) affected by the vulnerability above? the cert advisory was released some days ago
http://www.cert.org/advisories/CA-2001-21.html

regards,
Marco
--
adconsys AG               phone : +49-341-98-474-0
Karl-Liebknecht-Str. 19   fax   : +49-341-98-474-59
04107 Leipzig/Germany     url   : http://www.adconsys.de/
gpg key: mail -s "get gpg key" marco.ahrendt@adconsys.de
> is any SuSE distribution (maybe older than 6.4?) affected by the vulnerability above? the cert advisory was released some days ago

Nobody should be running telnetd today, this can't be said often enough ... (sadly, it has to :(
There are even free Windows clients (teraterm pro, putty, ...), and you should also shut down ftp (and use scp/sftp instead).
Also POP3 should be turned off for users with shell accounts. Better use POP3 over SSL (outlook can do this, netscape unfortunately not) or APOP (pegasus can do this AFAIR).
Of course, fetchmail can do both :)

Markus
--
_____________________________    /"\
Markus Gaugusch  ICQ 11374583    \ /    ASCII Ribbon Campaign
markus@gaugusch.dhs.org           X     Against HTML Mail
                                 / \
On Wed, Jul 25, 2001 at 08:46:49AM +0200, Markus Gaugusch wrote:
> > is any SuSE distribution (maybe older than 6.4?) affected by the vulnerability above? the cert advisory was released some days ago
>
> Nobody should be running telnetd today, this can't be said often enough ... (sadly, it has to :(
> There are even free Windows clients (teraterm pro, putty, ...), and you should also shut down ftp (and use scp/sftp instead).
> Also POP3 should be turned off for users with shell accounts. Better use POP3 over SSL (outlook can do this, netscape unfortunately not) or APOP (pegasus can do this AFAIR).
> Of course, fetchmail can do both :)

of course you're right but this doesn't answer my question ;)

regards,
Marco
--
adconsys AG               phone : +49-341-98-474-0
Karl-Liebknecht-Str. 19   fax   : +49-341-98-474-59
04107 Leipzig/Germany     url   : http://www.adconsys.de/
gpg key: mail -s "get gpg key" marco.ahrendt@adconsys.de
On Wednesday 25 July 2001 04:00, Marco Ahrendt wrote:
On Wed, Jul 25, 2001 at 08:46:49AM +0200, Markus Gaugusch wrote:
> is any SuSE distribution (maybe older than 6.4?) affected by the vulnerability above? the cert advisory was released some days ago

AFAIK, it's *BSD specific. The complete exploit has been released in bugtraq. Try it out.

[]s
Davi de Castro Reis
Hi,
, 2001 at 08:46:49AM +0200, Markus Gaugusch wrote:
> > is any SuSE distribution (maybe older than 6.4?) affected by the vulnerability above? the cert advisory was released some days ago
>
> of course you're right but this doesn't answer my question ;)

I tried the exploit with both 7.0 and 7.1; for these versions the answer is no. If you have other versions (like older than 6.4) and want to try if they are vulnerable, I can send the exploit to you.

MURAT KOC
> I tried the exploit with both 7.0 and 7.1; for these versions the answer is no. If you have other versions (like older than 6.4) and want to try if they are vulnerable, I can send the exploit to you.

We're investigating. More later.

Roman.
On Wed, 25 Jul 2001, Markus Gaugusch wrote:
> Nobody should be running telnetd today, this can't be said often enough ... (sadly, it has to :(
> There are even free Windows clients (teraterm pro, putty, ...), and you should also shut down ftp (and use scp/sftp instead).

well, I agree, but I have some win 3.1 machines here... AFAIK no ssh for them available, so I sometimes switch on my rcinetd. I have set up my hosts.allow such that only a handful of hosts can access telnet, and it has a one time password system. Any thoughts on the safety of doing this?

Dirk

PS the machines involved are all on my side of a university gateway, but I am not sure how much protection that gives. I haven't tried to spoof IP addresses through it, for that matter.
participants (6)
- Davi de Castro Reis
- dirk janssen
- Marco Ahrendt
- Markus Gaugusch
- Murat Koc
- Roman Drahtmueller