Hi Folks,
I've run a scan on one of our devices and the report highlighted a security hole in the telnet server (TCP port 23). It reported the following:
"The Telnet server does not return an expected number of replies when it receives a long sequence of 'Are You There' commands. This probably means it overflows one of its internal buffers and crashes. It is likely an attacker could abuse this bug to gain control over the remote host's super user."
However, the box didn't crash! Is it still a high vulnerability?
Thanks,
Bilal Nasrallah
Network Management Engineering
Information Services
Nortel
ESN 393-3791 or (613) 763-3791
Mailstop 04351M18 Ottawa, Ontario
Email: [EMAIL PROTECTED]
_______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
