[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

multiple vendor telnet daemon vulnerability (link)

To: heimdal-discuss@sics.se
Subject: multiple vendor telnet daemon vulnerability (link)
From: Leif Johansson <leifj@it.su.se>
Date: Thu, 19 Jul 2001 11:17:56 +0200
Sender: owner-heimdal-discuss@sics.se
User-Agent: Mutt/1.2.5i


Almost all bsd derivatives of telnetd seem vulnerable to remote-root
exploits according to this advisory from securityfocus:

http://www.securityfocus.com/templates/archive.pike?list=1&start=2001-07-15&threads=0&mid=197804&fromthread=0&end=2001-07-21&;

I took an amateurish and uninformed look at the telnet code and
it seemed to me like there was lots of bounds checking beeing
done on nfrontp and netobuf but someone with better knowledge of 
the code should probably check this out asap!

	MVH leifj

Follow-Ups:
- Re: multiple vendor telnet daemon vulnerability (link)
  - From: Assar Westerlund <assar@sics.se>

Prev by Date: Re: heimdal hdb
Next by Date: Re: multiple vendor telnet daemon vulnerability (link)
Prev by thread: Re: heimdal hdb
Next by thread: Re: multiple vendor telnet daemon vulnerability (link)
Index(es):
- Date
- Thread