Jump to content
Sign in to follow this  
Edrikk

Unraid 6.5.0 - OpenVAS reports "TESO in.telnetd buffer overflow"

1 post in this topic Last Reply

Recommended Posts

Hi,

 

I'm sure this may be known, but a search didn't pop anything, so reporting.

I installed an OpenVAS VM within Unraid to run on my network "out of curiosity".  One of the vulnerabilities that it discovered was against Unraid (v6.5.0).  Below is the context/report:

 

Quote
Summary

The Telnet server does not return an expected number of replies when it receives a long sequence of 'Are You There' commands. This probably means it overflows one of its internal buffers and crashes. It is likely an attacker could abuse this bug to gain control over the remote host's superuser.

For more information, see: http://www.team-teso.net/advisories/teso-advisory-011.tar.gz

Vulnerability Detection Result

Vulnerability was detected according to the Vulnerability Detection Method.

Solution

Comment out the 'telnet' line in /etc/inetd.conf.

Vulnerability Detection Method

Details: TESO in.telnetd buffer overflow

Version used: $Revision: 6056 $

References

 

CVE: CVE-2001-0554
BID: 3064
Other: IAVA:2001-t-0008

 

 

Edit:  Please excuse as I didn’t open this in the Security forum.  Please don’t hesitate to relocate.

Edited by Edrikk

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this