[14726] in Kerberos

home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Kerberos telnet and today's telnet vulnerability announcement

daemon@ATHENA.MIT.EDU (Jacques A. Vidrine)
Tue Jul 24 19:14:47 2001

Date: Tue, 24 Jul 2001 18:11:58 -0500
From: "Jacques A. Vidrine" <n@nectar.com>
To: John Rudd <jrudd@cats.ucsc.edu>
Cc: kerberos@MIT.EDU
Message-ID: <20010724181158.B17768@hellblazer.nectar.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <3B5DE79C.F5E14EDC@cats.ucsc.edu>; from jrudd@cats.ucsc.edu on Tue, Jul 24, 2001 at 02:24:44PM -0700

On Tue, Jul 24, 2001 at 02:24:44PM -0700, John Rudd wrote:
> 
> 
> So, most of my machines don't use the standard vendor telnet, but
> instead use one form or another of a kerberized telnet.  Does anyone
> know if today's announcement applies to kerberized telnetd's?
> 
> http://www.securityfocus.com/bid/3064

Yes, it does.  You can find patches in the FreeBSD port.
<URL:http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/krb5/files>

Cheers,
-- 
Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org

home	help	back	first	fref	pref	prev	next	nref	lref	last	post