Mailinglist Archive: opensuse-security (343 mails)

< Previous Next >
Re: [suse-security] buffer overflow in telnetd
  • From: Markus Gaugusch <markus@xxxxxxxxxxxxxxxx>
  • Date: Wed, 25 Jul 2001 08:46:49 +0200 (CEST)
  • Message-id: <Pine.LNX.4.33.0107250844090.13817-100000@xxxxxxxxxxxxxxxx>
> is any SuSE distribution (maybe older than 6.4?) affected by the
> vulnerability above? the cert advisory was released some days ago
Nobody should be running telnetd today, this can't be said often enough
... (sadly, it has to :(
There are even free windows clients (teraterm pro, putty, ...), and you
should also shut down ftp (and use scp/sftp instead).
Also POP3 should be turned off for users with shell accounts. Better use
POP3 over SSL (outlook can do this, netscape unfortunately not) or APOP
(pegasus can do this AFAIR)
of course, fetchmal can do both :)

Markus

--
_____________________________ /"\
Markus Gaugusch ICQ 11374583 \ / ASCII Ribbon Campaign
markus@xxxxxxxxxxxxxxxx X Against HTML Mail
/ \


< Previous Next >
References