Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » US government re-issues telnet warning

US government re-issues telnet warning

by Cyclop08 on September 9th, 2001 A warning has been re-issued by the National Infrastructure Protection Centre (NIPC) about a vulnerability in the telnet daemon program following "numerous reports" of intruders exploiting the hole.





The NIPC, part of the US government, also fears that users may face a flood of worms that attack the vulnerable program using a buffer overflow technique, following the recent discovery of a Unix worm, 'x.c'.





The vulnerability was originally detected in July, primarily affecting FreeBSD-derived telnet daemons, such as those found in Solaris, AIX and some Linux distributions.





Recently the x.c worm, which exploits the hole, was discovered, prompting the NIPC to step up its efforts to convince users to install the relevant patch.





The authority also warned that "other malicious code variants could take advantage of the same vulnerability."




"Due to the increase of these reports and with the activity of a new worm that has targeted this vulnerability, the NIPC urges consumers to contact their vendors to obtain the appropriate fix," the advisory added.





A list of vulnerable systems, along with links to vendor patches, can be obtained at: http://www.securityfocus.com/bid/3060

The original CERT advisory can be found at:


http://www.cert.org/advisories/CA-2001-21.html


Posted by Cyclop08


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »