Bugtraq mailing list archives
Re: in.telnetd bug (linux)
From: ianj () CALWEB COM (Ian R. Justman)
Date: Thu, 27 Nov 1997 17:00:12 -0800
-----BEGIN PGP SIGNED MESSAGE----- On Tue, 25 Nov 1997, kgb wrote:
This is my first bugtraq post, If Linux in.telnetd is _supposed_ to do this or everyone already knows it does so, I hope Aleph1 doen't let it though the list. :-) This look's harmless, however it does not look like it should be 'acceptable' Heres the info on the bug: If you your 'TERM' variable to anythig that the telnet server your telnetting to does _not_ have in the terminfo database, in.telnetd coredumps. (leaving a core in /) This core file is dropped with safe permissions so only root could read it, and there is nothing that I can see 'dangerous' left in it for anyone to read. This does not appear to affect in.telnetd from some distributions. The distribution I did find affected is slackware 3.4.
I tried this on my Slackware 3.3 system at home, so it's safe to assume that it affects prior versions of Slackware. Since I don't use Red Hat, I can only assume either: A. They've corrected a bug in the in.telnetd (assuming they're using the same code base in this one) that comes with the NetKit distribution of in.telnetd B. They use a completely different telnetd from a different "NetKit" C. Tying partially into B, they wrote their own. Likewise, I don't see how anyone could exploit this one. - --Ian. - --- Ian R. Justman (ianj () calweb com) CalWeb Internet Services Technical Support Team Finger ianj () calweb com for my public PGP key. -----BEGIN PGP SIGNATURE----- Version: 2.6.3a Charset: noconv iQEVAwUBNH4Xo0yc+bfQRhUBAQGXDQgA02R6JzquYOM+xaFr0el00abn7ndObV8h vpJBGcLo0353X40Iubms+hAoYe81ewimTj+2iea4cfwdVozrW7DAjLmWWeBlOPvH JIICHU4JPSgDOcdPyPOXWuncE3hzvJikDcVBSedfncv+894IZ3NG1xWgYIndxR8b lUnASvlqpkytQLAby61ReDva2TCp2hk5XX6PRXU54KXsnH4dny988a+3he8IHx6o PGTcn1/uNhrt58jMXmo+HUG4q0VlcpuqWSKp/99M7acKLBBYzLITzaFTyX66znF8 7TEqumIOxTv4i0htVFJYXbh/wjGbuJwomV9GhXl6mIQAOyr0Zd82cQ== =2GUs -----END PGP SIGNATURE-----
Current thread:
- Re: in.telnetd bug (linux) Szekely-Benczedi Endre (Jan 01)
- Re: your mail Mordechai T. Abzug (Dec 02)
- Re: longpath.sh Zack Weinberg (Dec 02)
- deep directories Gene Spafford (Dec 03)
- <Possible follow-ups>
- Re: in.telnetd bug (linux) Aaron Campbell (Nov 27)
- Re: in.telnetd bug (linux) Ian R. Justman (Nov 27)
- Re: in.telnetd bug (linux) John Brahy (Dec 01)
- Re: in.telnetd bug (linux) Patrick (Dec 01)
- Re: in.telnetd bug (linux) Ryan Murray (Dec 02)
- more xyplex commentary Matthew G. Harrigan (Dec 02)