[5750] in Release_7.7_team
URGENT: Remote-root telnetd vulnerability in Athena
daemon@ATHENA.MIT.EDU (Greg Hudson)
Tue Apr 3 14:36:50 2007
Date: Tue, 3 Apr 2007 14:35:57 -0400
Message-Id: <200704031835.l33IZv1C030417@equal-rites.mit.edu>
From: Greg Hudson <ghudson@MIT.EDU>
To: release-announce@mit.edu
X-Spam-Flag: NO
X-Spam-Score: -2.998
Errors-To: release-announce-bounces@MIT.EDU
The MIT krb5 team recently announced a vulnerability which can allow
a remote attacker to gain root access to a machine via telnetd.
Athena machines which have been configured with "mkserv remote" are
vulnerable to this exploit. In the default configuration, an attacker
would have to authenticate with some Kerberos principal before using
the exploit, but that's not very much protection.
If you have any mkserv remote Athena machines, you should disable
telnetd on them immediately. You can do so by running (as root):
attach release
/mit/release/scripts/disabletelnet
There will be a forthcoming 9.4 patch release later today to fix the
vulnerability. The change made by disabletelnet will be reversed when
the patch release is taken.
Please contact release-team@mit.edu with any questions, comments, or
concerns. More information about the vulnerability is available at:
http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2007-001-telnetd.txt
