Nessus Plugin #10709
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
TESO in.telnetd buffer overflow
- Family:
- Gain root remotely
- Category:
- destructive_attack
- Copyright:
- This script is Copyright (C) 2001 Pavel Kankovsky
- Summary:
- Attempts to overflow the Telnet server buffer
- Version:
- $Revision: 1.17 $
- Cve_id:
- CVE-2001-0554
- Bugtraq_id:
- 3064
- Xrefs:
- -
- Description:
The Telnet server does not return an expected number of replies
when it receives a long sequence of 'Are You There' commands.
This probably means it overflows one of its internal buffers and
crashes. It is likely an attacker could abuse this bug to gain
control over the remote host's superuser.
For more information, see:
http://www.team-teso.net/advisories/teso-advisory-011.tar.gz
Solution: Comment out the 'telnet' line in /etc/inetd.conf.
Risk factor : High
Generiert am 27.04.2005 um 18:49:54 Uhr.