Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1997_1

Bugtraq archives for 1st quarter (Jan-Mar) 1997: in.telnetsnoopd [slackware]

in.telnetsnoopd [slackware]

JS/Illz (jeffNGBERT.ORG)
Thu, 20 Feb 1997 13:48:17 -0600

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: 8LGM Security Advisories: "Re: in.telnetsnoopd [slackware]"
Previous message: Aleph One: "Security Bulletins Digest"
Next in thread: 8LGM Security Advisories: "Re: in.telnetsnoopd [slackware]"

I'm not sure if this has been discussed or not, but in.telnetsnoopd is
exploitable on my Linux Slackware 2.0.27 system.
As most know, the standard in.telnetd was patched against the 'libroot'
exploit that made use of the "LD_PRELOAD" command in telnet. The patch (if
I remember correctly) blocked environment variables longer than xxxx from
being passed as an argument as "libroot" was. Unfortunately, it seems
someone overlooked telnetsnoop, as this is still exploitable.
Fix:
Edit your inetd.conf to reenable standard telnet, rather than snoop telnet.
Snooping is bad manners anyways =).


Jeff Sorensen <jeffngbert.org>
Programming/Graphic Arts
Admin: psionik.net/synapse

Next message: 8LGM Security Advisories: "Re: in.telnetsnoopd [slackware]"
Previous message: Aleph One: "Security Bulletins Digest"
Next in thread: 8LGM Security Advisories: "Re: in.telnetsnoopd [slackware]"