Red Hat Bugzilla – Bug 50476
Telnet has major security flaw
Last modified: 2007-04-18 12:35:20 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.4.3-12 i686)
Description of problem:
A big security hole was recently discovered in telnetd. I can't tell if my
telnet is vulnerable. The RPM I used was telnet-server-0.17-10. I don't
know if it's vulnerable because RedHat didn't release an advisory. the
0.17 matches non-vulnerable netkit versions in number, but I can't find any
information as to whether or not this telnetd is netikit. Thanks.
Steps to Reproduce:
1.I don't know if there is a problem, but if you find the source code on
BugTraq for the vulnerability checker, you get a hit.
2. Be unsure--this checker is known to produce wrong results on some
3.Lather, rinse, repeat...
*** This bug has been marked as a duplicate of 50335 ***