Language Selection

English French German Italian Portuguese Spanish

Flurry Of Patches From Unix Vendors For Telnet Flaw

Filed under
Security

Several distributors of the BSD version of the Telnet protocol have released patches for a critical bug that could cause system-hijack attacks.

According to iDefense, remote exploitation of a buffer overflow vulnerability in multiple Telnet clients could allow the execution of arbitrary code.

The Telnet protocol allows virtual network terminals to be connected to over the Internet. The initial description of the telnet protocol was given in RFC854 in May 1983. Since then there have been many extra features added including encryption.

Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands in the context of the user who launched the Telnet client, says iDefense.

iDefense has confirmed the existence of the vulnerability in the Telnet client included in the Kerberos V5 Release 1.3.6 package and the client included in the SUNWtnetc package of Solaris 5.9. According to the advisory, it is suspected that most BSD based Telnet clients are affected by this vulnerability.

Advisories and patches have been issued by FreeBSD, MIT (Kerberos), Red Hat, and Sun among others.

Source.

More in Tux Machines

Linux Mint Debian Might Not Adopt Systemd

The Linux Mint team has ended 2014 in force with a great Linux Mint 17.1 "Rebecca" release, for both the MATE and Cinnamon desktop, but it looks like the Debian edition is also going to be interesting. Read more

Latest SteamOS Update Brings New NVIDIA and AMD Drivers

SteamOS, a Linux distribution based on Debian and developed by Valve that aims to provide the best gaming experience, has been updated by its makers and a new Beta version has been released. Read more

Your Old Computer Can Live Again with Emmabuntüs 2

Emmabuntüs 2 1.09, a distribution created for reconditioning old computers and relying on the robustness of Xubuntu 12.04.5 LTS, has been released and is now ready for download. The Emmabuntüs developers only use LTS editions of Xubuntu, and that means they actually have two distros out right now that are maintained and improved. We had Emmabuntüs 3 1.0 released a few weeks ago, but that one was using Xubuntu 14.04 LTS as the base. Now, the old branch based on Xubuntu 12.04, Emmabuntüs 2, has been improved as well and the devs have made quite a few changes. Read more

11 years developing Krita

Back in 2003 Krita had never been released and the application was only able to do some very crude painting. I think the main reason that I started contributing to Krita back then was that I was much more comfortable with the single window UI and the fact that it used Qt/KDE and C++. In the early days I would never have imagined that I would be still with the project after 10+ years and how big the project is now. Even that the project exists today is a miracle and result of many developers putting in effort without ever knowing how it would develop. For the first few years we had almost no users and the users that we had were die-hard KDE users. At the time that wasn’t a bad thing as it allowed us to do some radical changes and experiments. Many features that were developed during this time still provide the base for the current Krita. Read more