Results 1 to 3 of 3
-
07-25-2001, 11:06 AM #1Web Hosting Master
- Join Date
- Apr 2001
- Location
- Palm Beach, FL
- Posts
- 1,097
FreeBSD Admins: serious telnetd exploit
If you are running FreeBSD (any version 3.1+ (including 4.3-STABLE)) and you are running telnetd, you are vulnerable to this attack.
My suggestion is to patch your telnetd with the link below and turn off telnet access. This is a serious exploit that will both consume large amounts of your bandwidth (due to the nature of the attack) and give the attacker full root access. Any script kiddie can do this -- the exploit is easy to use.
ftp://ftp.freebsd.org/pub/FreeBSD/CE...ages/SA-01:49/Alex Llera
Professional Server Management
FreeBSD|Linux|HSphere|Cpanel|Plesk
-
07-25-2001, 11:16 AM #2Disabled
- Join Date
- Jun 2001
- Posts
- 334
Re: FreeBSD Admins: serious telnetd exploit
Originally posted by allera
My suggestion is to patch your telnetd with the link below and turn off telnet access.
-
07-25-2001, 11:24 AM #3Web Hosting Master
- Join Date
- Apr 2001
- Location
- Palm Beach, FL
- Posts
- 1,097
Why not be safe about it? Why would you want to leave an unpatched binary on your server? All you are doing is downloading a new telnetd binary and replacing the existing one on your server. I think it's worth 5 minutes of your time to _potentially_ save 5 hours or more of headaches later.
Alex Llera
Professional Server Management
FreeBSD|Linux|HSphere|Cpanel|Plesk