[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] telnet and telnetd Raq3 overflow problem
- Subject: [cobalt-security] telnet and telnetd Raq3 overflow problem
- From: Fred <journal@xxxxxxx>
- Date: Fri, 10 Aug 2001 19:44:04 +0200
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
hello
I've recently knew that Red Hat had a security bug in telnet and telnetd.
The version of /usr/sbin/in.telnetd that comes as default on Redhat 7.0,
and many other distributions contains an exploitable overflow in the
handling of its output, allowing execution of arbitrary commands.
A release is now on Red Hat 's web site but no pkg in Cobalt's web site for
my Raq3
Is there a possibility to desactive telnet and telnetd in order to not being
hacked
waiting for the cobalt release.
thanks
Fred