Telnetd exploit on FreeBSD 7

February 16, 2009 – 9:17 AM

A posting on the Full Disclosure mailing list has revealed what the FreeBSD Security team call a semi-remote root exploit for the telnetd service in FreeBSD 7, and later. By default, this service is disabled.

To exploit the vulnerability, a maliciously crafted library must be placed on the victim system beforehand, and then an attacker must connect via telnetd, passing the location of that library in the LD_PRELOAD environment variable. The malicious library is then loaded before the /bin/login process and executed as root.

Source:
http://www.heise-online.co.uk/news/Telnetd-exploit-on-FreeBSD-7–/112657

Exploit Code:
http://www.securityfocus.com/data/vulnerabilities/exploits/33777.c

You must be logged in to post a comment.

Copyright 2008-2021 PC Sympathy - Entries (RSS) - Sitemap