Date: Mon, 30 Jul 2001 10:39:14 -0400 (EDT) From: Jim Sander <jim@federation.addy.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Telnet exploit & 3.4-RELEASE Message-ID: <Pine.BSF.4.10.10107272341010.58801-100000@federation.addy.com> In-Reply-To: <Pine.BSF.4.31.0107271504470.58774-100000@mx.dmz.orem.verio.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> Paul Hart <hart@orem.verio.net> wrote: > The exploit posted to Bugtraq DOES work on FreeBSD 3.4-RELEASE but only if > you selected to install an encrypting telnetd when you set the machine up. > [...] > The "regular" telnetd still has the overflow (which may or may not be > exploitable) Exactly the kind of info I was looking for. My tests with the patched non-crypto telnetd seem to indicate all the problems are fixed, but again that may be my own lack of understanding. Thanks to you, and to the others that replied off-list with other information, both valuable and simply amusing. -=Jim=- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.10107272341010.58801-100000>