Detect telnet services vulnerable to the encrypt option Key ID overflow (BSD-derived telnetd).
801a2a0bc2125f7e99eba56579ca138bcbadf4fa4fc437391f1bcb094a53e493
The Cisco IronPort WSA virtual appliances are vulnerable to an old FreeBSD telnetd encryption Key ID buffer overflow which allows remote attackers to execute arbitrary code. Cisco WSA Virtual appliances have the vulnerable telnetd daemon enabled by default.
1e50defbccefef3b6417c5dae6f4b42e12ae0ee91e5966ab9e31f8406c261827
VMware Security Advisory 2012-0006 - VMware ESXi and ESX address several security issues.
c6e864dff9dcf56bf615c9e583291146b0b85366456ccd6d12ad89425be75c54
Gentoo Linux Security Advisory 201202-5 - A boundary error in Heimdal could result in execution of arbitrary code. Versions less than 1.5.1-r1 are affected.
42de8a2cf7db4d885a1b8457f558eaa5bf8b942213be6c388b6bd72267ca7dfa
Cisco Security Advisory - Cisco IronPort Email Security Appliances (ESA) and Cisco IronPort Security Management Appliances (SMA) contain a vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code with elevated privileges. Workarounds that mitigate this vulnerability are available.
4864f4e17fe47b8f6178a603e1cc20bb9f967ec80c223712f14bfa2e367c5c8c
Gentoo Linux Security Advisory 201201-14 - Multiple vulnerabilities have been found in MIT Kerberos 5 Applications, the most severe of which may allow execution of arbitrary code. Versions less than 1.0.2-r1 are affected.
135efe09c96ca20d9d7663d923e21a56811a5e27a66d4ef706f14ced5d977da9
This Python script tests for the remote root vulnerability in encryption support for telnetd on FreeBSD systems.
4249e9430985117ad8d3275e803d36e641c4beae4c0f6950bde8f0af5b3e100c
This Metasploit module exploits a buffer overflow in the encryption option handler of the FreeBSD telnet service.
26a4211c976648be259b01d70ead3c15515210a76cfa2f2e831ab504568547e8
Red Hat Security Advisory 2011-1854-01 - The krb5-appl packages provide Kerberos-aware telnet, ftp, rcp, rsh, and rlogin clients and servers. Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center. A buffer overflow flaw was found in the MIT krb5 telnet daemon. A remote attacker who can access the telnet port of a target machine could use this flaw to execute arbitrary code as root. Note that the krb5 telnet daemon is not enabled by default in any version of Red Hat Enterprise Linux. In addition, the default firewall rules block remote access to the telnet port. This flaw does not affect the telnet daemon distributed in the telnet-server package.
83eeef5fda24f5ac7761e4f57831e666f9cbabd3903c9a02dd52b0a24721586b
Red Hat Security Advisory 2011-1853-01 - Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center. A buffer overflow flaw was found in the MIT krb5 telnet daemon. A remote attacker who can access the telnet port of a target machine could use this flaw to execute arbitrary code as root. Note that the krb5 telnet daemon is not enabled by default in any version of Red Hat Enterprise Linux. In addition, the default firewall rules block remote access to the telnet port. This flaw does not affect the telnet daemon distributed in the telnet-server package.
3769a5da3eca30398718bea8bed258601bbb8e2a1a21a41031c17dcfeb542759
MIT krb5 Security Advisory 2011-008 - The telnet daemon (telnetd) in MIT krb5 (and in krb5-appl after the applications were moved to a separate distribution for krb5-1.8) is vulnerable to a buffer overflow. The flaw does not require authentication to exploit. Exploit code is reported to be actively used in the wild.
94f4852b4ef0d480fd44f6fff8a1a449daff42441b00c788d6970db82695afc2
Mandriva Linux Security Advisory 2011-195 - A vulnerability has been discovered and corrected in krb5-appl, heimdal and netkit-telnet. An unauthenticated remote attacker can cause a buffer overflow and probably execute arbitrary code with the privileges of the telnet daemon. In Mandriva the telnetd daemon from the netkit-telnet-server package does not have an initscript to start and stop the service; however, one could rather easily craft an initscript or start the service by other means, rendering the system vulnerable to this issue. The updated packages have been patched to correct this issue.
088c8d790f512be759b35321724ad47890342945dbacb0e3d9083cc426187e2c
This Metasploit module exploits a buffer overflow in the encryption option handler of the Linux BSD-derived telnet service (inetutils or krb5-telnet). Most Linux distributions use NetKit-derived telnet daemons, so this flaw only applies to a small subset of Linux systems running telnetd.
bb350fce364cccea32d543a818c1ec5ccbfecf4e11c746fbe8c7d8b76c2cfd89
This Metasploit module exploits a buffer overflow in the encryption option handler of the FreeBSD telnet service.
5c027aef49c6a33044ddd945cfc6d9db2dfdaac94f49b241b9d556902a49848a
FreeBSD Security Advisory - When an encryption key is supplied via the TELNET protocol, its length is not validated before the key is copied into a fixed-size buffer. An attacker who can connect to the telnetd daemon can execute arbitrary code with the privileges of the daemon (which is usually the "root" superuser).
c92e3537ea4a9d4333d9b238da051a9f86ab6782c92ea9627150610dbec5e756
Red Hat Security Advisory 2011-1852-02 - The krb5-appl packages provide Kerberos-aware telnet, ftp, rcp, rsh, and rlogin clients and servers. Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center. A buffer overflow flaw was found in the MIT krb5 telnet daemon. A remote attacker who can access the telnet port of a target machine could use this flaw to execute arbitrary code as root.
611b0465bb7429b56ae4ca7c0441b264da38bb0f332f78625ca03d057ffe1604
Red Hat Security Advisory 2011-1851-01 - Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center. A buffer overflow flaw was found in the MIT krb5 telnet daemon. A remote attacker who can access the telnet port of a target machine could use this flaw to execute arbitrary code as root. Note that the krb5 telnet daemon is not enabled by default in any version of Red Hat Enterprise Linux. In addition, the default firewall rules block remote access to the telnet port. This flaw does not affect the telnet daemon distributed in the telnet-server package.
fcc05a1144325e7cb4e0faa7cb26db554864cc40f11c6e788b4e245114f681e2
Debian Linux Security Advisory 2375-1 - It was discovered that the encryption support for BSD telnetd contains a pre-authentication buffer overflow, which may enable remote attackers who can connect to the Telnet port to execute arbitrary code with root privileges.
fd73e5b12a6d4591dd69cdba1166f1b643a3602a7b0d79942b9bf522a6bf82a2
Debian Linux Security Advisory 2373-1 - It was discovered that the Kerberos support for telnetd contains a pre-authentication buffer overflow, which may enable remote attackers who can connect to the Telnet port to execute arbitrary code with root privileges.
717b70e7a6ef1a328de1d72ba01af5596d2d4e3fae9640dc08a8d53c699a0229
Debian Linux Security Advisory 2372-1 - It was discovered that the Kerberos support for telnetd contains a pre-authentication buffer overflow, which may enable remote attackers who can connect to the Telnet port to execute arbitrary code with root privileges.
f0f6583e9e986815a366da7745916c14e72d8839169dad71c5322effd109c4f6