From owner-freebsd-security  Fri Jul 27 12:29:33 2001
Delivered-To: freebsd-security@freebsd.org
Received: from fledge.watson.org (fledge.watson.org [204.156.12.50])
	by hub.freebsd.org (Postfix) with ESMTP id EA0BD37B403
	for <freebsd-security@freebsd.org>; Fri, 27 Jul 2001 12:29:30 -0700 (PDT)
	(envelope-from arr@watson.org)
Received: from localhost (arr@localhost)
	by fledge.watson.org (8.11.4/8.11.4) with SMTP id f6RJTMC87467;
	Fri, 27 Jul 2001 15:29:22 -0400 (EDT)
	(envelope-from arr@watson.org)
Date: Fri, 27 Jul 2001 15:29:21 -0400 (EDT)
From: "Andrew R. Reiter" <arr@watson.org>
To: Kris Kennaway <kris@obsecurity.org>
Cc: freebsd-security@freebsd.org
Subject: Re: inetd.conf -- IPv6 telnet
In-Reply-To: <20010727114029.C31276@xor.obsecurity.org>
Message-ID: <Pine.NEB.3.96L.1010727152758.87459A-100000@fledge.watson.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org


consistency in terms of inetd.conf #'ing out telnet from being started,
this is completely disregarding what has occured lately from the
vulnerability. 

in inetd.conf, it comments the ipv4 telnetd so it wont be started (by
default).  But in ipv6 telnetd, it does not... Just wondering about some
consistency with taht.


On Fri, 27 Jul 2001, Kris Kennaway wrote:

> On Fri, Jul 27, 2001 at 01:06:12PM -0400, Andrew R. Reiter wrote:
> > kris,
> > 
> > just wondering about this thing i just noticed in 4-stable that telnet
> > comes default running under IPv6 in inetd.conf.  not sure how likely
> > someone would exploit over IPv6, but i was wondering about consistancy in
> > relation to what's being done already for IPv4?
> 
> What do you mean by 'consistency'?  It's the same source code (hence
> already fixed), and the advisory mentioned disabling both ipv4 and
> ipv6 telnetd services as a workaround.
> 
> Kris
> 

*-------------.................................................
| Andrew R. Reiter 
| arr@fledge.watson.org
| "It requires a very unusual mind
|   to undertake the analysis of the obvious" -- A.N. Whitehead


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message