By Chris Holbrook, 25 July 2001 18:18
IT administrators are being warned to patch operating system software based on BSD (Berkeley Software Distribution) Unix, after a security flaw was uncovered today.

Machines running operating systems such as FreeBSD, NetBSD and OpenBSD may be compromised by a buffer overflow in the Telnet daemon, in.telnetd. The glitch, which may also affect other operating systems like HP-UX and Sun's Solaris, could allow remote intruders to access a user's system with root privileges.

A systems administrator said the glitch was possibly very dangerous, but most companies employing a firewall should remain unscathed, as they do not allow incoming traffic on to the vulnerable Telnet port 23. The administrator added: "It's the classic buffer overflow exploit for Unix. I recommend disabling Telnet until the system is patched."

For the full rundown on the security flaw and the solution - discovered by the TESO research group - visit www.cert.org/advisories/CA-2001-21.html.