Date: Mon, 23 Jul 2001 18:56:17 -0700 From: Kris Kennaway <kris@freebsd.org> To: hubs@FreeBSD.org Cc: security-officer@FreeBSD.org Subject: [URGENT] Upgrade your telnetd binaries! Message-ID: <20010723185617.A90831@xor.obsecurity.org>
next in thread | raw e-mail | index | archive | help
--6TrnltStXW4iwmi0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hi all, I've just portscanned the cvsup*.freebsd.org and noticed that an alarming number of these sites have telnetd open to the world. As you may have heard, there is a remotely exploitable root vulnerability in telnetd, fixed today. Since this vulnerability is being actively exploited, and as freebsd.org mirror sites you are all prime targets for being attacked, please disable telnetd immediately or fix the vulnerability as described in the advisory: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.asc A successful compromise of one of the FreeBSD mirror sites, even though it won't directly affect the master CVS repository, can still result in handing out compromised code to all of the FreeBSD users who download from your site. Thanks, Kris --6TrnltStXW4iwmi0 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7XNXAWry0BWjoQKURArOZAKC1SPh6yNHTepxmez56QlHiEFd5/gCg/SnW OqQ4AC1M6n9lwKq5Ut6rqyk= =q6wC -----END PGP SIGNATURE----- --6TrnltStXW4iwmi0-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hubs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010723185617.A90831>