Date: Fri, 23 Dec 2011 11:49:20 -0600 (CST) From: Tim Zingelman <zingelman@fnal.gov> To: Colin Percival <cperciva@freebsd.org> Cc: freebsd-security@freebsd.org Subject: Re: Merry Christmas from the FreeBSD Security Team Message-ID: <Pine.SOL.4.64.1112231141580.24340@nova.fnal.gov> In-Reply-To: <4EF4BBB5.2030900@freebsd.org> References: <4EF4A120.1000305@freebsd.org> <Pine.SOL.4.64.1112231103280.23931@nova.fnal.gov> <4EF4BBB5.2030900@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 23 Dec 2011, Colin Percival wrote: > On 12/23/11 09:08, Tim Zingelman wrote: >> On Fri, 23 Dec 2011, FreeBSD Security Officer wrote: >>> Unfortunately my hand was forced: One of the issues (FreeBSD-SA-11:08.telnetd) >>> is a remote root vulnerability which is being actively exploited in the wild; >>> bugs really don't come any worse than this. On the positive side, most people >>> have moved past telnet and on to SSH by now; but this is still not an issue we >>> could postpone until a more convenient time. >> >> Is there any reason this does would not apply to telnetd from most other >> vendors? In particular MIT Kerberos & heimdal? > > It probably applies to everyone shipping BSD telnetd -- I notified the projects > I could think of, but I'm sure I missed a few. > > Heimdal is definitely affected. I don't think MIT Kerberos ships telnetd any > more... at least, I looked in their SVN tree and didn't find it. As of version krb5-1.8 MIT Kerberos stripped all the applications out into a separate krb5-appl bundle. Current version is krb5-appl-1.0.2 and it ships with an apparently vulnerable telnetd. There is a FreeBSD package security/krb5-appl of this maintained by cy. Is there any test code available that could be run against a telnetd to determine if it might be vulnerable or if it is patched against this issue? Thanks, - Tim
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SOL.4.64.1112231141580.24340>