in.telnetd bug (linux)

From: kgb (kgbat_private)
Date: Tue Nov 25 1997 - 08:00:32 PST

Next message: Aleksandr Pilosov: "Xyplex terminal server bug"

Previous message: Kelly E. Gibbs: "Dos against NT4-SP3 and 95 [latierra.c]"
Next in thread: Ian R. Justman: "Re: in.telnetd bug (linux)"
Reply: Ian R. Justman: "Re: in.telnetd bug (linux)"
Reply: Aaron Campbell: "Re: in.telnetd bug (linux)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This is my first bugtraq post, If Linux in.telnetd is _supposed_ to do
this or everyone already knows it does so, I hope Aleph1 doen't let it
though the list. :-)

This look's harmless, however it does not look like it should be
'acceptable' Heres the info on the bug:

If you your 'TERM' variable to anythig that the telnet server your
telnetting to does _not_ have in the terminfo database, in.telnetd
coredumps. (leaving a core in /) This core file is dropped with safe
permissions so only root could read it, and there is nothing that I can
see 'dangerous' left in it for anyone to read.

This does not appear to affect in.telnetd from some distributions.
The distribution I did find affected is slackware 3.4.

This does not appear to affect RedHat 4.2, any others I don't have time to
try right now.

-MultiSynk
kgbat_private

Next message: Aleksandr Pilosov: "Xyplex terminal server bug"
Previous message: Kelly E. Gibbs: "Dos against NT4-SP3 and 95 [latierra.c]"
Next in thread: Ian R. Justman: "Re: in.telnetd bug (linux)"
Reply: Ian R. Justman: "Re: in.telnetd bug (linux)"
Reply: Aaron Campbell: "Re: in.telnetd bug (linux)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:33:46 PDT