Re: telnetd vulnerability from BUGTRAQ
On Fri, 24 Sep 2004, s. keeling wrote:
> > I noticed the message below on BUGTRAQ last weekend, reporting a remote
> > root compromise in telnetd. I haven't seen any discussion of this on the
> > list archives, nor a new DSA. Am I missing something?
>
> Is anyone still using telnet when there's ssh? Why? I wouldn't even
> use it inside my own firewalled LAN. ssh is just better.
Agreed - but some of my customers, even after I've pointed out the risks,
just don't want to go through the trouble of changing from their preferred
Telnet programs.
Given that a remote root is supposedly possible, I think this should be
looked at, no matter how rare the package's usage may be.
--
James Renken, System Administrator jrenken@sandwich.net
Sandwich.Net Internet Services http://www.sandwich.net/ 1-877-HUBWICH
Reply to: