Re: Moving telnet/telnetd from base to pkgsrc

To: Taylor R Campbell <campbell+netbsd-tech-userlevel%mumble.net@localhost>
Subject: Re: Moving telnet/telnetd from base to pkgsrc
From: Michael van Elst <mlelstv%serpens.de@localhost>
Date: Fri, 14 Dec 2018 19:56:27 +0100

On Fri, Dec 14, 2018 at 04:53:06PM +0000, Taylor R Campbell wrote:

> There is an exploit being privately circulated, which is what prompted
> this discussion in the first place, and an advisory is presumably
> forthcoming.

Two local 'exploits', one that had been fixed more than 13 years ago
(with proper CVEs), both require careful preparation by the user to
be triggered.

Isn't that far from 'remote exploit' and 'everyone who can MITM can do that'?

-- 
                                Michael van Elst
Internet: mlelstv%serpens.de@localhost
                                "A potential Snark may lurk in every tree."

References:
- Re: Moving telnet/telnetd from base to pkgsrc
  - From: Michael van Elst
- Re: Moving telnet/telnetd from base to pkgsrc
  - From: Taylor R Campbell

Prev by Date: Re: Moving telnet/telnetd from base to pkgsrc
Next by Date: Re: Moving telnet/telnetd from base to pkgsrc
Previous by Thread: Re: Moving telnet/telnetd from base to pkgsrc
Next by Thread: Re: Moving telnet/telnetd from base to pkgsrc
Indexes:

Home | Main Index | Thread Index | Old Index