From owner-freebsd-security Thu Jul 19 10:17: 7 2001 Delivered-To: freebsd-security@freebsd.org Received: from whale.sunbay.crimea.ua (whale.sunbay.crimea.ua [212.110.138.65]) by hub.freebsd.org (Postfix) with ESMTP id 1CC8137B401 for ; Thu, 19 Jul 2001 10:16:58 -0700 (PDT) (envelope-from ru@whale.sunbay.crimea.ua) Received: (from ru@localhost) by whale.sunbay.crimea.ua (8.11.2/8.11.2) id f6JHE7e64280; Thu, 19 Jul 2001 20:14:07 +0300 (EEST) (envelope-from ru) Date: Thu, 19 Jul 2001 20:14:07 +0300 From: Ruslan Ermilov To: Przemyslaw Frasunek Cc: security@FreeBSD.ORG Subject: [PATCH] Re: FreeBSD remote root exploit ? Message-ID: <20010719201407.B61061@sunbay.com> Mail-Followup-To: Przemyslaw Frasunek , security@FreeBSD.ORG References: <5.1.0.14.0.20010719001357.03e22638@192.168.0.12> <014d01c11031$bdab5a10$2001a8c0@clitoris> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <014d01c11031$bdab5a10$2001a8c0@clitoris>; from venglin@freebsd.lublin.pl on Thu, Jul 19, 2001 at 11:03:53AM +0200 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, Jul 19, 2001 at 11:03:53AM +0200, Przemyslaw Frasunek wrote: > > Posted to bugtraq is a notice about telnetd being remotely root > > exploitable. Does anyone know if it is true ? > > Yes, telnetd is vulnerable. > The patch is available at: http://people.FreeBSD.org/~ru/telnetd.patch Cheers, -- Ruslan Ermilov Oracle Developer/DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message