Subject: Re: telnetd core
To: None <netbsd-users@netbsd.org>
From: Chuck Yerkes <chuck+nbsd@2003.snew.com>
List: netbsd-users
Date: 12/29/2002 23:11:17
It would indicate that someone with malicious intent is
able to access your machine well enough to run the exploit.
Considering how very dangerous non-kerberized, clear telnet
is, perhaps this is fair warning to block 22 at your router
and, if it's coming from inside, just stop it altogether.
sshd is a lovely replacement for telnetd - available on all
platforms that I have used (Mac, Win, VMS and Unix).
Quoting Wojciech Puchar (wojtek@tensor.3miasto.net):
> > data
> > * from the network, and pass it through the telnet state machine. We
> > * also flush the pty input buffer (by dropping its data) if it becomes
> > * too full.
> > */
> >
> > >is telnetd exploitable??! any protection?
> >
> >
> > See above advisory.
> >
> > Note: You may wish to disable telnetd altogether as it offers no protection
> > over ssh.
> >
> it's TEMPORARILY disabled as i want to run both