OT: Re: Solaris telnetd failure with Heimdal client

Dave Love fx at albion.dl.ac.uk
Fri Nov 4 10:06:30 EST 2005


Will Fiveash <William.Fiveash at sun.com> writes:

> The folks are Sun are aware of this and looking into it.

[Not according to the support person.]

> I do not know the details of the interaction between Sun support and
> Dave so I can not comment on that.

For what it's worth, it subsequently appears to have been a
`misunderstanding' of a quite explicit report, but it was consistent
with previous experience, so I came to engineer land immediately.

> In regards to a DoS, I thought telnetd was spawned by
> inetd so I don't see the DoS.

Yes, but it is remotely crashing a process running as root, and might
be exploitable for all I know.  I don't doubt the engineers care
anyway, thanks.



More information about the Kerberos mailing list