
Thread: Telnet vulnerability

  1. #1
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,785

    Telnet vulnerability

    I don’t know how many of you get this bulletin, I didn’t really read it until today because I don’t use the telnet server.

    Wasn’t this reported last year by them? Oh! That’s right, last year it was the client!

    ----------------------------------------------------------------------
    Title: Unchecked Buffer in Telnet Server Could Lead to Arbitrary
    Code Execution
    Date: 07 February 2002
    Software: Telnet Service in Microsoft Windows 2000; Telnet
    Daemon in Microsoft Interix 2.2
    Impact: Denial of Service; Possibly Run Code of Attacker's Choice
    Max Risk: Moderate

    //*** catch this! An attacker can run any thing he/she wants, on your server and they call it a moderate risk ! ***//

    Bulletin: MS02-004

    Microsoft encourages customers to review the Security Bulletin at:
    http://www.microsoft.com/technet/sec.../MS02-004.asp.
    ----------------------------------------------------------------------

    Issue:
    ======
    The Telnet protocol provides remote shell capabilities. Microsoft has
    implemented the Telnet protocol by providing a Telnet Server in
    several products. The implementations in two of these products
    - Windows 2000 and Interix 2.2 - contain unchecked buffers in the
    code that handles the processing of telnet protocol options.

    An attacker could use this vulnerability to perform a buffer
    overflow attack. A successful attack could cause the Telnet Server
    to fail, or in some cases, could possibly allow an attacker to
    execute code of her choice on the system. Such code would execute
    using the security context of the Telnet service, but this context
    varies from product to product. In Windows 2000, the Telnet service
    always runs as System; in the Interix implementation, the
    administrator selects the security context in which to run as part
    of the installation process.


    *~*~Here’s the best part:~*~*

    Mitigating Factors:
    ====================
    - While the Telnet Service in Windows 2000 is installed by default,
    it is not running by default. As a result, a Windows 2000 system
    would only be vulnerable if the administrator had started the
    service


    *~*~ It’s only vulnerable when it’s running. Well that’s a relief ~*~*


    ~*~* And how about this *~*~

    - Remotely exploiting this vulnerability would require the attacker
    to have the ability to connect to the Telnet Server.


    ~*~* I guess this means an attacker could only exploit this hole if they had a computer. ??? *~*~
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
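
The bulletin quoted above blames unchecked buffers in the code that processes telnet protocol options. As an added illustration (not Microsoft's code and not taken from the bulletin, which does not say which option was affected), this is a bounds-checked parser for an RFC 855 option subnegotiation, the variable-length part of option processing; `parse_subneg`, `struct sb_result` and the 64-byte cap `SB_MAX` are assumptions made for the example.

```c
#include <stddef.h>
#include <stdio.h>

/* Telnet command bytes from RFC 854/855. */
enum { IAC = 255, SB = 250, SE = 240 };

#define SB_MAX 64   /* assumed cap on one subnegotiation payload */

struct sb_result {
    unsigned char option;        /* option code following IAC SB */
    unsigned char data[SB_MAX];  /* unescaped payload */
    size_t len;
};

/* Parse one "IAC SB <opt> <data...> IAC SE" block from in[0..n).
 * Returns bytes consumed, 0 if more input is needed, or -1 if the
 * block is malformed or its payload would not fit in SB_MAX bytes. */
long parse_subneg(const unsigned char *in, size_t n, struct sb_result *out)
{
    size_t i = 3;
    if (n < 3) return 0;
    if (in[0] != IAC || in[1] != SB) return -1;
    out->option = in[2];
    out->len = 0;
    while (i < n) {
        unsigned char c = in[i++];
        if (c == IAC) {
            if (i >= n) return 0;                  /* escape split across reads */
            if (in[i] == SE) return (long)(i + 1); /* end of subnegotiation */
            if (in[i] != IAC) return -1;           /* only IAC IAC / IAC SE allowed */
            i++;                                   /* IAC IAC is a literal 0xFF */
        }
        if (out->len >= SB_MAX) return -1;  /* the length check an unchecked buffer lacks */
        out->data[out->len++] = c;
    }
    return 0;
}

int main(void)
{
    /* Constructed sample: TERMINAL-TYPE (24) IS "VT". */
    const unsigned char msg[] = { IAC, SB, 24, 0, 'V', 'T', IAC, SE };
    struct sb_result r;
    long used = parse_subneg(msg, sizeof msg, &r);
    printf("consumed=%ld option=%u len=%zu\n", used, r.option, r.len);
    return used == (long)sizeof msg ? 0 : 1;
}
```

A caller that gets -1 should drop the connection rather than try to resynchronise on the stream.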

  2. #2
    Banned
    Join Date
    Oct 2001
    Posts
    1,459
    Wow... Look at M$ try to explain themselves... It almost sounds normal... But then you read the part that says 'You are only vulnerable when the service is running' And all is lost for M$ again

  3. #3
    Senior Member
    Join Date
    Dec 2001
    Posts
    1,193
    I suppose there is not one part of that company's product that is not vulnerable is there?

    I have built entire company networks from scratch and always the most crap comes from the m$ apps and os. I'm ashamed to say I've put it in place but the client wanted it - so -....
    Trappedagainbyperfectlogic.

  4. #4
    Banned
    Join Date
    Oct 2001
    Posts
    1,459
    I think with M$'s track record you'll be hacked even if you're offline LOL....

  5. #5
    Senior Member linuxcomando's Avatar
    Join Date
    Sep 2001
    Posts
    432
    Yet people still use telnet...
    I toor'd YOU!

  6. #6
    Junior Member
    Join Date
    Feb 2002
    Posts
    26
    what is telnet ?
    sorry i am a real newbie and so clueless :S

    Valentino


  7. #7
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,785
    --------
    what is telnet ?
    sorry i am a real newbie and so clueless :S
    -------

    open a dos prompt and type:

    telnet bbs.zgnews.com

    if this is your first telnet experience, you've just found another part of the internet.
    i don't know what kind of news zg has, my old links don't work anymore so i picked one from

    http://www.thedirectory.org/telnet/index.sht

    before there were boards like this one, this is how hackers (and other special interest groups) used to exchange ideas (and other things) and they still do. there's a lot of renegade telnet servers that aren't connected to the internet, you have to dial in to them. A lot fewer prying eyes.

    Telnet can be used for a lot of things besides BBSing, like sending/receiving mail, administering a remote machine, bbs chat, a client for some trojans, or to help find out what services are running on different ports.

    There are a few tutorials in the tutorials forum on telnet.

    hope this helped

  8. #8
    PHP/PostgreSQL guy
    Join Date
    Dec 2001
    Posts
    1,164
    Man..when is MS going to realize they shouldn't run services of any kind? Buffer overflows are the most common in their packages and are exploited like nobody's business. Christ, they never learn...
    We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.

  9. #9
    Senior Member
    Join Date
    Nov 2001
    Posts
    1,255
    Well, just wait until the next incarnation of Nimda uses this as an attack method. Virus/Worm hybrids are getting very dangerous now with the capability to attack multiple targets. I don't think it'll be long before we start seeing Virus/Worm combinations that exploit three or four hundred vulnerabilities. Imagine one that used a Windows Update like feature...

    /me shudders

    When will people learn to not use MS on the server?
    Chris Shepherd
    The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
    "Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?" -- Failed Insult
    Is your whole family retarded, or did they just catch it from you?

  10. #10
    Try using Putty, it's free and provides SSH.
