|
Message-ID: <4EF84066.3060805@redhat.com> Date: Mon, 26 Dec 2011 15:07:42 +0530 From: Huzaifa Sidhpurwala <huzaifas@...hat.com> To: oss-security@...ts.openwall.com Subject: Re: CVE-2011-4862 is not BSD-specific On 12/26/2011 03:04 PM, Florian Weimer wrote: > * Huzaifa Sidhpurwala: > >>> The telnetd from netkit does not appear to be affected. >> >> The patch seems to be applicable though, probably you need to do >> something else to make it segfault? > > Our version of netkit (which we once got from > <ftp://ftp.uk.linux.org/pub/linux/Networking/netkit/>) lacks Kerberos > support entirely. From what i see, if your telnetd can do encrypted connections, then it is affected. However netkit telnet clients dont have support for encryption, so using the telnet client out of box is not going to work. -- Huzaifa Sidhpurwala / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.