Unencrypted Telnet Server

This script is Copyright (C) 2009-2015 Tenable Network Security, Inc.

Synopsis :

The remote Telnet server transmits traffic in cleartext.

Description :

The remote host is running a Telnet server over an unencrypted

Using Telnet over an unencrypted channel is not recommended as logins,
passwords, and commands are transferred in cleartext. This allows a
remote, man-in-the-middle attacker to eavesdrop on a Telnet session to
obtain credentials or other sensitive information and to modify
traffic exchanged between a client and server.

SSH is preferred over Telnet since it protects credentials from
eavesdropping and can tunnel additional data streams such as an X11

Solution :

Disable the Telnet service and use SSH instead.

Risk factor :

Medium / CVSS Base Score : 5.8

Family: Misc.

Nessus Plugin ID: 42263 ()

Bugtraq ID: