BSDi telnetd exploitable...

[Sean Chittenden <sean-securityfocus-incidents () chittenden org>]

        Just an FYI, BSDi's telnetd in 4.1 and 4.2 is vulnerable to the
telnetd exploit.  I was just brought in to clean up a small cluster of
unfirewalled BSDi systems that fell victem (don't ask me why there
wasn't a firewall: not my boxes).  Anyway, since then I've nuked the
boxen and put FreeBSD+ipf on and what's interesting is that my logs show
that the same IP that did the initial breakin is still
scanning/attempting to connect to the port.  Looks like a poorly written
script kiddie tool in use.  The IP address was obtainable through the
(w|u)tmp files.  At anyrate, FYI.  -sc

-- 
Sean Chittenden

Attachment: _bin
Description: