oss-sec mailing list archives
Re: CVE-2011-4862 is not BSD-specific
From: Huzaifa Sidhpurwala <huzaifas () redhat com>
Date: Mon, 26 Dec 2011 15:07:42 +0530
On 12/26/2011 03:04 PM, Florian Weimer wrote:
* Huzaifa Sidhpurwala:The telnetd from netkit does not appear to be affected.The patch seems to be applicable though, probably you need to do something else to make it segfault?Our version of netkit (which we once got from <ftp://ftp.uk.linux.org/pub/linux/Networking/netkit/>) lacks Kerberos support entirely.
From what i see, if your telnetd can do encrypted connections, then it is affected.
However netkit telnet clients dont have support for encryption, so using the telnet client out of box is not going to work.
-- Huzaifa Sidhpurwala / Red Hat Security Response Team
Current thread:
- CVE-2011-4862 is not BSD-specific Florian Weimer (Dec 25)
- Re: CVE-2011-4862 is not BSD-specific Kurt Seifried (Dec 25)
- Re: CVE-2011-4862 is not BSD-specific Huzaifa Sidhpurwala (Dec 25)
- Re: CVE-2011-4862 is not BSD-specific Florian Weimer (Dec 26)
- Re: CVE-2011-4862 is not BSD-specific Huzaifa Sidhpurwala (Dec 26)
- Re: CVE-2011-4862 is not BSD-specific Florian Weimer (Dec 26)