<<< Date Index >>>     <<< Thread Index >>>

Re: Debian netkit telnetd vulnerability



On Tue, Sep 21, 2004 at 03:11:49AM +0400, Solar Designer wrote:

> On Sat, Sep 18, 2004 at 09:57:19PM +0200, Michal Zalewski wrote:
> > Exposure:
> > 
> >   Remote root compromise through buffer handling flaws
> 
> FWIW, some (two?) distributions have privsep'ed telnetd by now, where
> the immediate impact of this flaw (if it were present there) would be
> code execution as pseudo-user "telnetd" chrooted to /var/empty. (*)

Debian's telnetd runs as user telnetd, though it does not chroot to
/var/empty.

-- 
 - mdz