Date: Fri, 27 Jul 2001 15:29:21 -0400 (EDT) From: "Andrew R. Reiter" <arr@watson.org> To: Kris Kennaway <kris@obsecurity.org> Cc: freebsd-security@freebsd.org Subject: Re: inetd.conf -- IPv6 telnet Message-ID: <Pine.NEB.3.96L.1010727152758.87459A-100000@fledge.watson.org> In-Reply-To: <20010727114029.C31276@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
consistency in terms of inetd.conf #'ing out telnet from being started, this is completely disregarding what has occured lately from the vulnerability. in inetd.conf, it comments the ipv4 telnetd so it wont be started (by default). But in ipv6 telnetd, it does not... Just wondering about some consistency with taht. On Fri, 27 Jul 2001, Kris Kennaway wrote: > On Fri, Jul 27, 2001 at 01:06:12PM -0400, Andrew R. Reiter wrote: > > kris, > > > > just wondering about this thing i just noticed in 4-stable that telnet > > comes default running under IPv6 in inetd.conf. not sure how likely > > someone would exploit over IPv6, but i was wondering about consistancy in > > relation to what's being done already for IPv4? > > What do you mean by 'consistency'? It's the same source code (hence > already fixed), and the advisory mentioned disabling both ipv4 and > ipv6 telnetd services as a workaround. > > Kris > *-------------................................................. | Andrew R. Reiter | arr@fledge.watson.org | "It requires a very unusual mind | to undertake the analysis of the obvious" -- A.N. Whitehead To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1010727152758.87459A-100000>