On Fri, 23 Dec 2011, Colin Percival wrote:
> On 12/23/11 09:08, Tim Zingelman wrote:
>> On Fri, 23 Dec 2011, FreeBSD Security Officer wrote:
>>> Unfortunately my hand was forced: One of the issues (FreeBSD-SA-11:08.telnetd)
>>> is a remote root vulnerability which is being actively exploited in the wild;
>>> bugs really don't come any worse than this. On the positive side, most people
>>> have moved past telnet and on to SSH by now; but this is still not an issue we
>>> could postpone until a more convenient time.
>> Is there any reason this would not apply to telnetd from most other
>> vendors? In particular MIT Kerberos & heimdal?
> It probably applies to everyone shipping BSD telnetd -- I notified the projects
> I could think of, but I'm sure I missed a few.
> Heimdal is definitely affected. I don't think MIT Kerberos ships telnetd any
> more... at least, I looked in their SVN tree and didn't find it.
As of version krb5-1.8 MIT Kerberos stripped all the applications out into
a separate krb5-appl bundle. Current version is krb5-appl-1.0.2 and it
ships with an apparently vulnerable telnetd. There is a FreeBSD package
security/krb5-appl of this maintained by cy.
Is there any test code available that could be run against a telnetd to
determine if it might be vulnerable or if it is patched against this
issue?
Thanks,
- Tim
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"