'Serious' security holes in Kerberos Telnet client
Source: SearchSecurity.com - Posted by Pax Dickinson   
Hacks/Cracks Attackers could exploit two "serious" security holes in the Telnet program supplied with MIT Kerberos 5 to cause a buffer overflow and launch malicious code, the Massachusetts Institute of Technology's (MIT) Kerberos Team warned in an advisory.

The Telnet protocol allows virtual network terminals to be connected over the Internet and is incorporated into a variety of popular operating systems, from Sun Solaris and Red Hat Enterprise Linux to Apple's Mac OS X.

According to the Kerberos Team, "An attacker controlling or impersonating a Telnet server may execute arbitrary code with the privileges of the user running the Telnet client." The advisory lists fixes that are available.

Read this full article at SearchSecurity.com

Only registered users can write comments.
Please login or register.

Powered by AkoComment!