Hello GNU Inetutils Security Team, I would like to responsibly report a potential security vulnerability related to the Telnet service provided by GNU Inetutils.
Summary

I observed a possible authentication bypass condition in the Telnet daemon, where access is granted by providing only a valid username, without requiring or validating a password under specific circumstances.

Affected Component

- GNU Inetutils – Telnet server (telnetd)
- Version tested: inetutils 2.7-1
- Service started via inetd / inetutils-inetd

Description

During controlled laboratory testing, the Telnet service appears to accept a session when a valid system username is supplied, without enforcing proper password verification. This behavior results in unauthorized access to the system under certain configurations. The issue seems to be related to the authentication handling logic rather than simple user misconfiguration. I have verified this behavior multiple times in an isolated test environment.

Impact

If confirmed, this vulnerability could allow:

- Unauthorized access to user accounts
- Remote login without valid credentials
- Potential privilege escalation depending on system configuration

Notes

- All testing was performed in a private lab environment.
- No production or third-party systems were accessed.
- I have not publicly disclosed technical exploit details.

I am available to provide additional technical information, logs, or a proof of concept if required, following coordinated disclosure practices.

Thank you for your time and for maintaining GNU software.

Kind regards,
Carlos Cortes Alvarez
