BSD Based telnetd telrcv Function Remote Command Execution

This script is Copyright (C) 2001-2011 Pavel Kankovsky

Synopsis :

The remote telnet server may be vulnerable to a buffer overflow

Description :

The Telnet server does not return an expected number of replies when
it receives a long sequence of 'Are You There' commands. This
probably means it overflows one of its internal buffers and crashes.
This could likely lead to arbitrary code execution.

Solution :

Disable the telnet service by, for example, commenting out the
'telnet' line in /etc/inetd.conf.

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 10709 ()

Bugtraq ID: 3064

CVE ID: CVE-2001-0554

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now