Date: Wed, 18 Jul 2001 23:37:42 -0700 From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca> To: Mike Tancsa <mike@sentex.net> Cc: Kris Kennaway <kris@obsecurity.org>, security@FreeBSD.ORG Subject: Re: FreeBSD remote root exploit ? Message-ID: <200107190637.f6J6bnf66559@cwsys.cwsent.com> In-Reply-To: Your message of "Thu, 19 Jul 2001 01:09:35 EDT." <5.1.0.14.0.20010719010646.03e25eb8@192.168.0.12>
next in thread | previous in thread | raw e-mail | index | archive | help
The advisory says that OpenBSD-current invulnerable. Looking at the OpenBSD source tree, they've replaced BSD telnetd with heimdal telnetd. Build with kerberos5 enabled might be a temp workaround. Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/Alpha Team Internet: Cy.Schubert@osg.gov.bc.ca Open Systems Group, ITSD, ISTA Province of BC In message <5.1.0.14.0.20010719010646.03e25eb8@192.168.0.12>, Mike Tancsa write s: > > Major drag. Sadly, one of my customers needs telnetd running. Are there > any alternative daemons that can be used as a temp measure that are not > derived from the BSD tree ? > > ---Mike > > At 09:39 PM 7/18/2001 -0700, Kris Kennaway wrote: > >I haven't been able to verify it yet; they didn't bother to give us > >any advance notice before releasing to bugtraq, nor did they give us > >any additional details. > > > >Kris > > > >On Thu, Jul 19, 2001 at 12:19:09AM -0400, Mike Tancsa wrote: > > > > > > Posted to bugtraq is a notice about telnetd being remotely root > > > exploitable. Does anyone know if it is true ? > > > > > > ---Mike > > -------------------------------------------------------------------- > Mike Tancsa, tel +1 519 651 3400 > Network Administration, mike@sentex.net > Sentex Communications www.sentex.net > Cambridge, Ontario Canada www.sentex.net/mike > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200107190637.f6J6bnf66559>