Firewall Wizards mailing list archives
Re: recent telnet vulnerability
From: m p <sumirati () yahoo de>
Date: Wed, 1 Aug 2001 14:07:04 +0200 (CEST)
--- Chris Keladis <Chris.Keladis () cmc cwo net au> schrieb: > m p wrote:
it depends which OS you are using. The exploitable code was derived fromtheoriginal BSD code - so the assumption was made, that the OSes derived from System V (or written from scratch) are not vulnerable to _this_ buffer overflow.If FreeBSD is vulnerable, would the FW-1 IPSO Nokia devices be vulnerable as well? (and any other network-application based around *BSDs??) I know there are a few other firewalls based off FreeBSD.
Hi, if on the FW-1 IPSO Nokia device the telnetd is enabled AND it is derived from the *BSD code it is vulnerable too. (I don't have any knowledge about Nokia appliances.) Ask your vendor (in this case Nokia) for updates. But why are you using telnetd on a firewall? Please try ssh :) The same thing for other vendors: Ask them! ... and if you know something, feel free about sharing your knowledge. Just my two cent marc __________________________________________________________________ Do You Yahoo!? Gesendet von Yahoo! Mail - http://mail.yahoo.de _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: recent telnet vulnerability Chris Keladis (Aug 02)
- Re: recent telnet vulnerability m p (Aug 02)
- Re: recent telnet vulnerability Jonas Eriksson (Aug 04)
- <Possible follow-ups>
- Re: recent telnet vulnerability ark (Aug 04)
- Re: recent telnet vulnerability Balazs Scheidler (Aug 11)
- Re: recent telnet vulnerability ark (Aug 11)
- Re: recent telnet vulnerability Balazs Scheidler (Aug 11)
- Re: recent telnet vulnerability Balazs Scheidler (Aug 11)
- Re: recent telnet vulnerability m p (Aug 02)