|
|
Family: Debian Local Security Checks --> Category: infos
[DSA569] DSA-569-1 netkit-telnet-ssl Vulnerability Scan
Vulnerability Scan Summary
DSA-569-1 netkit-telnet-ssl
Detailed Explanation for this Vulnerability Test
Michal Zalewski discovered a bug in the netkit-telnet server (telnetd)
whereby a remote attacker could cause the telnetd process to free an
invalid pointer. This causes the telnet server process to crash,
leading to a straightforward denial of service (inetd will disable the
service if telnetd is crashed repeatedly), or possibly the execution
of arbitrary code with the rights of the telnetd process (by
default, the 'telnetd' user).
For the stable distribution (woody) this problem has been fixed in
version 0.17.17+0.1-2woody2.
For the unstable distribution (sid) this problem has been fixed in
version 0.17.24+0.1-4.
We recommend that you upgrade your netkit-telnet-ssl package.
Solution : http://www.debian.org/security/2004/dsa-569
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
