|
|
Info |
Last Modified |
| 6 months ago |
|
|
|
|
Description |
The Berkeley telnet client contains a flaw that may lead to an unauthorized password exposure. It is possible to gain access to encrypted passwords when the telnet client uses kerberos 4, which may lead to a loss of confidentiality, integrity and/or availability.
|
|
Classification |
Location:
Remote/Network Access Required
Attack Type:
Cryptographic,
Information Disclosure
Impact:
Loss of Confidentiality,
Loss of Integrity
Exploit:
Exploit Available
Disclosure:
OSVDB Verified
|
|
Solution |
Upgrade to NCSA version 2.6.1d7 or higher, as it has been reported to fix this vulnerability. BSD has also released a patch to address this vulnerability.
|
|
Products |
|
Telnet Client
 |
Unknown or Unspecified |
|
Telnet Client
 |
2.6.1d6 and prior |
|
|
|
|
Credit |
Unknown or Incomplete
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|