[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] telnet and telnetd Raq3 overflow problem

Subject: [cobalt-security] telnet and telnetd Raq3 overflow problem
From: Fred <journal@xxxxxxx>
Date: Fri, 10 Aug 2001 19:44:04 +0200
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

hello

I've recently knew that Red Hat had a security bug in telnet and telnetd.
The version of /usr/sbin/in.telnetd that comes as default on Redhat 7.0,
and many other distributions contains an exploitable overflow in the
handling of its output, allowing execution of arbitrary commands.

A release is now on Red Hat 's web site but  no pkg in Cobalt's web site for
my Raq3

Is there a possibility to desactive telnet and telnetd in order to not being
hacked
 waiting for the cobalt release.

thanks

Fred

Prev by Date: RE: [cobalt-security] Re: Unix worm to kill codered.
Next by Date: Re: [cobalt-security] DANGER WILL ROBINSON!!! A tool for MIM/c*apfilt and poisoning listed on /.
Previous by thread: [cobalt-security] BIND running as root
Next by thread: [cobalt-security] telnet and telnetd Raq3 overflow problem

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index