Security Incidents mailing list archives
BSDi telnetd exploitable...
From: Sean Chittenden <sean-securityfocus-incidents () chittenden org>
Date: Fri, 27 Jul 2001 14:34:14 -0700
Just an FYI, BSDi's telnetd in 4.1 and 4.2 is vulnerable to the telnetd exploit. I was just brought in to clean up a small cluster of unfirewalled BSDi systems that fell victem (don't ask me why there wasn't a firewall: not my boxes). Anyway, since then I've nuked the boxen and put FreeBSD+ipf on and what's interesting is that my logs show that the same IP that did the initial breakin is still scanning/attempting to connect to the port. Looks like a poorly written script kiddie tool in use. The IP address was obtainable through the (w|u)tmp files. At anyrate, FYI. -sc -- Sean Chittenden
Attachment:
_bin
Description:
Current thread:
- BSDi telnetd exploitable... Sean Chittenden (Jul 29)