-----BEGIN PGP SIGNED MESSAGE----- On Tue, 25 Nov 1997, kgb wrote: > This is my first bugtraq post, If Linux in.telnetd is _supposed_ to do > this or everyone already knows it does so, I hope Aleph1 doen't let it > though the list. :-) > > This look's harmless, however it does not look like it should be > 'acceptable' Heres the info on the bug: > > If you your 'TERM' variable to anythig that the telnet server your > telnetting to does _not_ have in the terminfo database, in.telnetd > coredumps. (leaving a core in /) This core file is dropped with safe > permissions so only root could read it, and there is nothing that I can > see 'dangerous' left in it for anyone to read. > > This does not appear to affect in.telnetd from some distributions. > The distribution I did find affected is slackware 3.4. I tried this on my Slackware 3.3 system at home, so it's safe to assume that it affects prior versions of Slackware. Since I don't use Red Hat, I can only assume either: A. They've corrected a bug in the in.telnetd (assuming they're using the same code base in this one) that comes with the NetKit distribution of in.telnetd B. They use a completely different telnetd from a different "NetKit" C. Tying partially into B, they wrote their own. Likewise, I don't see how anyone could exploit this one. - --Ian. - --- Ian R. Justman (ianjat_private) CalWeb Internet Services Technical Support Team Finger ianjat_private for my public PGP key. -----BEGIN PGP SIGNATURE----- Version: 2.6.3a Charset: noconv iQEVAwUBNH4Xo0yc+bfQRhUBAQGXDQgA02R6JzquYOM+xaFr0el00abn7ndObV8h vpJBGcLo0353X40Iubms+hAoYe81ewimTj+2iea4cfwdVozrW7DAjLmWWeBlOPvH JIICHU4JPSgDOcdPyPOXWuncE3hzvJikDcVBSedfncv+894IZ3NG1xWgYIndxR8b lUnASvlqpkytQLAby61ReDva2TCp2hk5XX6PRXU54KXsnH4dny988a+3he8IHx6o PGTcn1/uNhrt58jMXmo+HUG4q0VlcpuqWSKp/99M7acKLBBYzLITzaFTyX66znF8 7TEqumIOxTv4i0htVFJYXbh/wjGbuJwomV9GhXl6mIQAOyr0Zd82cQ== =2GUs -----END PGP SIGNATURE-----
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:33:53 PDT