[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

multiple vendor telnet daemon vulnerability (link)




Almost all bsd derivatives of telnetd seem vulnerable to remote-root
exploits according to this advisory from securityfocus:

http://www.securityfocus.com/templates/archive.pike?list=1&start=2001-07-15&threads=0&mid=197804&fromthread=0&end=2001-07-21&;

I took an amateurish and uninformed look at the telnet code and
it seemed to me like there was lots of bounds checking beeing
done on nfrontp and netobuf but someone with better knowledge of 
the code should probably check this out asap!

	MVH leifj