[5108] in Kerberos
Re: Cygnus CNS telnet security hole?
daemon@ATHENA.MIT.EDU (eichin@MIT.EDU)
Mon May 8 04:22:25 1995
Date: Mon, 8 May 95 03:59:48 -0400
To: dm@das.harvard.edu (David Mazieres)
Cc: kerberos@MIT.EDU
In-Reply-To: "[5088] in Kerberos"
From: eichin@MIT.EDU
> telnet client and server. Does anyone know if that telnet contains
> the big encrypted telnet security hole everyone was talking about
Indeed, we didn't add telnet to our release until after the bug had
been announced (oddly enough, due to differences in our DES library,
the result of the buggy telnet code would have been a telnet/telnetd
that *did* have valid encryption, but didn't interoperate with the
broken one.)
_Mark_ <eichin@cygnus.com>
Cygnus Support
Cygnus Network Security <network-security@cygnus.com>