Home | FAQ | Contact | Privacy Policy
US-CERT
Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information
 

 View Notes By
Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric

 Other Documents
Technical Alerts

Technical Bulletins

Alerts

Security Tips

Fedora Project Information for VU#220816

Date Notified:2007-03-21
Date Updated:
Statement Date:
Status Summary:Vulnerable

Vendor Statement

The Fedora Project ships the krb5 telnet daemon in all versions of Fedora Core. Updated packages to correct this issue are available for Fedora Core 5 and 6 along with our advisories at the URLs below:

Fedora Core 6:
https://www.redhat.com/archives/fedora-package-announce/2007-April/msg00008.html

Fedora Core 5:
https://www.redhat.com/archives/fedora-package-announce/2007-April/msg00009.html

This update can also be installed with the 'yum' update program.

Note that the krb5 telnet daemon is not enabled by default in any version of Fedora Core. In addition, the default firewall rules block remote access to the telnet port. This flaw does not affect the telnet daemon distributed in the telnet-server package.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

Produced 2009 by US-CERT, a government organization
Disclaimers and copyright information