409 – in.telnetd can be manipulated to permit a root login by a remote user

Bug 409 - in.telnetd can be manipulated to permit a root login by a remote user

Summary: in.telnetd can be manipulated to permit a root login by a remote user

Status:	CLOSED NOTABUG
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	telnet
Sub Component:
Version:	5.1
Hardware:	i386
OS:	Linux
Priority:	high
Severity:	medium
Target Milestone:	---
Assignee:	David Lawrence
QA Contact:
Docs Contact:
URL:
Whiteboard:
Keywords:	Security
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	1998-12-14 12:53 UTC by gort
Modified:	2008-05-01 15:37 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:
Doc Text:	(edit)
Clone Of:
Environment:	(edit)
Last Closed:	1998-12-14 14:10:22 UTC

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description gort 1998-12-14 12:53:20 UTC

We suffered a break in that has been traced to an individual
on a remote host connecting to several of our RedHat Linux
5.0 and 5.1 Intel-based systems.  The connection was via
telnet, and it appears in.telnetd was manipulated to give up
a root shell.  The remote user did not have a legitimate
account on any of our systems.  Redhat 5.0 Alpha systems in
the same lab were not attacked.

Several other Intel based Linux systems (both Redhat and
Slacware) at other sites on campus were succeessfully
attacked at the same time.

Comment 1 Mike Wangsmo 1998-12-14 14:10:59 UTC

Before we can be concerned about a security hole, the machines must be
updated to all security errata on updates.redhat.com.  If those
updates have been applied, then please reopen this bug.

Note You need to log in before you can comment on or make changes to this bug.