On Fri, 10 Aug 2001 zen-parseat_private wrote: > Product: netkit telnet protocol daemon, in.telnetd > > Version: netkit-telnet-0.17 (and previous) /usr/sbin/in.telnetd > > Severity: High > > Remote: Yes > > Allows: Remote ROOT level access. > > Workaround: Disable telnet access. > > Fix: Check with your vendor for an updated package. [....] > > /usr/in.telnetd <= netkit-telnet-0.17 > (telnet-0.17-7 is the default in.telnetd for Redhat 7.0) Hi, I reported segfaults of telnetd 0.17 to RedHat on July 30, they posted some fix (July 31), but haven't released advisory yet. Please check following URLs: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=50335 ftp://people.redhat.com/harald/telnet-0.17-16.src.rpm Patch from RedHat in telnet-0.17-16 is bigger than one posted here, but I can't check whether it is enough (at least telnetd won't segfault). -- rado b Why Did You Reboot That Machine?
This archive was generated by hypermail 2b30 : Thu Aug 09 2001 - 14:03:40 PDT