March 31, 20188 yr Hi, I'm sure this may be known, but a search didn't pop anything, so reporting. I installed an OpenVAS VM within Unraid to run on my network "out of curiosity". One of the vulnerabilities that it discovered was against Unraid (v6.5.0). Below is the context/report: Quote Summary The Telnet server does not return an expected number of replies when it receives a long sequence of 'Are You There' commands. This probably means it overflows one of its internal buffers and crashes. It is likely an attacker could abuse this bug to gain control over the remote host's superuser. For more information, see: http://www.team-teso.net/advisories/teso-advisory-011.tar.gz Vulnerability Detection Result Vulnerability was detected according to the Vulnerability Detection Method. Solution Comment out the 'telnet' line in /etc/inetd.conf. Vulnerability Detection Method Details: TESO in.telnetd buffer overflow Version used: $Revision: 6056 $ References CVE: CVE-2001-0554 BID: 3064 Other: IAVA:2001-t-0008 Edit: Please excuse as I didn’t open this in the Security forum. Please don’t hesitate to relocate. Edited March 31, 20188 yr by Edrikk
Archived
This topic is now archived and is closed to further replies.