Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 18 Jul 2001 23:37:42 -0700
From:      Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>
To:        Mike Tancsa <mike@sentex.net>
Cc:        Kris Kennaway <kris@obsecurity.org>, security@FreeBSD.ORG
Subject:   Re: FreeBSD remote root exploit ? 
Message-ID:  <200107190637.f6J6bnf66559@cwsys.cwsent.com>
In-Reply-To: Your message of "Thu, 19 Jul 2001 01:09:35 EDT." <5.1.0.14.0.20010719010646.03e25eb8@192.168.0.12>
next in thread | previous in thread | raw e-mail | index | archive | help 
The advisory says that OpenBSD-current invulnerable.  Looking at the 
OpenBSD source tree, they've replaced BSD telnetd with heimdal telnetd. 
 Build with kerberos5 enabled might be a temp workaround.


Regards,                         Phone:  (250)387-8437
Cy Schubert                        Fax:  (250)387-5766
Team Leader, Sun/Alpha Team   Internet:  Cy.Schubert@osg.gov.bc.ca
Open Systems Group, ITSD, ISTA
Province of BC

In message <5.1.0.14.0.20010719010646.03e25eb8@192.168.0.12>, Mike 
Tancsa write
s:
> 
> Major drag.  Sadly, one of my customers needs telnetd running. Are there 
> any alternative daemons that can be used as a temp measure that are not 
> derived from the BSD tree ?
> 
>          ---Mike
> 
> At 09:39 PM 7/18/2001 -0700, Kris Kennaway wrote:
> >I haven't been able to verify it yet; they didn't bother to give us
> >any advance notice before releasing to bugtraq, nor did they give us
> >any additional details.
> >
> >Kris
> >
> >On Thu, Jul 19, 2001 at 12:19:09AM -0400, Mike Tancsa wrote:
> > >
> > > Posted to bugtraq is a notice about telnetd being remotely root
> > > exploitable. Does anyone know if it is true ?
> > >
> > >          ---Mike
> 
> --------------------------------------------------------------------
> Mike Tancsa,                                      tel +1 519 651 3400
> Network Administration,                           mike@sentex.net
> Sentex Communications                             www.sentex.net
> Cambridge, Ontario Canada                         www.sentex.net/mike
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200107190637.f6J6bnf66559>