|
|
Vulnerability Assessment & Network Security Forums |
|||||||||
|
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA075] DSA-075-1 netkit-telnet-ssl Vulnerability Assessment Details
|
[DSA075] DSA-075-1 netkit-telnet-ssl |
||
|
DSA-075-1 netkit-telnet-ssl Detailed Explanation for this Vulnerability Assessment The telnet daemon contained in the netkit-telnet-ssl_0.16.3-1 package in the 'stable' (potato) distribution of Debian GNU/Linux is vulnerable to an exploitable overflow in its output handling. The original bug was found by bugtraq on Jul 18 2001. At that time, netkit-telnet versions after 0.14 were not believed to be vulnerable. On Aug 10 2001, zen-parse posted an advisory based on the same problem, for all netkit-telnet versions below 0.17. More details can be found on SecurityFocus. As Debian uses the 'telnetd' user to run in.telnetd, this is not a remote root compromise on Debian systems the 'telnetd' user can be compromised. We strongly advise you update your netkit-telnet-ssl packages to the versions listed below. Solution : http://www.debian.org/security/2001/dsa-075 Network Security Threat Level: High Networks Security ID: Vulnerability Assessment Copyright: This script is (C) 2006 Michel Arboi |
||
|
Workstations, Terminals |
|
||
|
No Discussions have been posted on this vulnerability. |