Re: recent telnet vulnerability

[m p <sumirati () yahoo de>]

Hi,

it depends which OS you are using. The exploitable code was derived from the
original BSD code - so the assumption was made, that the OSes derived from
System V (or written from scratch) are not vulnerable to _this_ buffer
overflow.

For FreeBSD the advisory is available under:
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.v1.1.asc

For NetBSD look at:
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.asc

For BSDi look at:
http://www.BSDI.COM/services/support/patches/patches-4.2/i386/M420-014

For Mac OS X:
I have not found any hint. 

OpenBSD don't have the vulnerability. They audited some time ago.


Some installations of Irix, Solaris and Linux seem to be vulnerable too.
Look at the e-mail of the guy who found the vulnerability:
http://www.geocrawler.com/archives/3/169/2001/7/350/6210189/
It showed up on Bugtraq.


Hope that helps

marc


 --- "Christopher J. Wargaski" <cjw () wargaski org> schrieb:
> Anyone have the telnetd source? ;-)
>
>                                          cjw
>
> > Are any proxies out there that are able to protect the telnetd?
> > I checked fwtk tn-gw, yes and no - it stops scipt kiddie exploit just right,
> > but it does nothing to protect telnetd proper way _after_ initial handshake.


__________________________________________________________________
Do You Yahoo!?
Gesendet von Yahoo! Mail - http://mail.yahoo.de
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards