#inetutils — Public Fediverse posts

Sudden #Telnet Traffic Drop. Are #Telcos Filtering Ports to Block Critical #Vulnerability?

Telcos likely received advance warning about January's critical Telnet vulnerability before its public disclosure, according to threat intelligence biz GreyNoise. Global Telnet traffic "fell off a cliff" on January 14, 6 days before #security advisories for CVE-2026-24061 went public on Jan 20. The flaw, a decade-old bug in GNU #InetUtils telnetd with a 9.8 #CVSS score, allows …

https://tech.slashdot.org/story/26/02/14/0447228/sudden-telnet-traffic-drop-are-telcos-filtering-ports-to-block-critical-vulnerability?utm_source=rss1.0mainlinkanon&utm_medium=feed

Sudden #Telnet Traffic Drop. Are #Telcos Filtering Ports to Block Critical #Vulnerability?

Telcos likely received advance warning about January's critical Telnet vulnerability before its public disclosure, according to threat intelligence biz GreyNoise. Global Telnet traffic "fell off a cliff" on January 14, 6 days before #security advisories for CVE-2026-24061 went public on Jan 20. The flaw, a decade-old bug in GNU #InetUtils telnetd with a 9.8 #CVSS score, allows …

https://tech.slashdot.org/story/26/02/14/0447228/sudden-telnet-traffic-drop-are-telcos-filtering-ports-to-block-critical-vulnerability?utm_source=rss1.0mainlinkanon&utm_medium=feed

Sudden #Telnet Traffic Drop. Are #Telcos Filtering Ports to Block Critical #Vulnerability?

Telcos likely received advance warning about January's critical Telnet vulnerability before its public disclosure, according to threat intelligence biz GreyNoise. Global Telnet traffic "fell off a cliff" on January 14, 6 days before #security advisories for CVE-2026-24061 went public on Jan 20. The flaw, a decade-old bug in GNU #InetUtils telnetd with a 9.8 #CVSS score, allows …

https://tech.slashdot.org/story/26/02/14/0447228/sudden-telnet-traffic-drop-are-telcos-filtering-ports-to-block-critical-vulnerability?utm_source=rss1.0mainlinkanon&utm_medium=feed

Sudden #Telnet Traffic Drop. Are #Telcos Filtering Ports to Block Critical #Vulnerability?

Telcos likely received advance warning about January's critical Telnet vulnerability before its public disclosure, according to threat intelligence biz GreyNoise. Global Telnet traffic "fell off a cliff" on January 14, 6 days before #security advisories for CVE-2026-24061 went public on Jan 20. The flaw, a decade-old bug in GNU #InetUtils telnetd with a 9.8 #CVSS score, allows …

https://tech.slashdot.org/story/26/02/14/0447228/sudden-telnet-traffic-drop-are-telcos-filtering-ports-to-block-critical-vulnerability?utm_source=rss1.0mainlinkanon&utm_medium=feed

Sudden #Telnet Traffic Drop. Are #Telcos Filtering Ports to Block Critical #Vulnerability?

Telcos likely received advance warning about January's critical Telnet vulnerability before its public disclosure, according to threat intelligence biz GreyNoise. Global Telnet traffic "fell off a cliff" on January 14, 6 days before #security advisories for CVE-2026-24061 went public on Jan 20. The flaw, a decade-old bug in GNU #InetUtils telnetd with a 9.8 #CVSS score, allows …

https://tech.slashdot.org/story/26/02/14/0447228/sudden-telnet-traffic-drop-are-telcos-filtering-ports-to-block-critical-vulnerability?utm_source=rss1.0mainlinkanon&utm_medium=feed

https://blog.gslin.org/archives/2026/02/13/12889/telnetd-%e5%87%ba%e5%8c%85/

Telnetd 出包

#flaw #gnu #inetutils #login #network #root #security #telnet #telnetd #user

https://blog.gslin.org/archives/2026/02/13/12889/telnetd-%e5%87%ba%e5%8c%85/

Telnetd 出包

#flaw #gnu #inetutils #login #network #root #security #telnet #telnetd #user

https://blog.gslin.org/archives/2026/02/13/12889/telnetd-%e5%87%ba%e5%8c%85/

Telnetd 出包

#flaw #gnu #inetutils #login #network #root #security #telnet #telnetd #user

https://blog.gslin.org/archives/2026/02/13/12889/telnetd-%e5%87%ba%e5%8c%85/

Telnetd 出包

#flaw #gnu #inetutils #login #network #root #security #telnet #telnetd #user

https://blog.gslin.org/archives/2026/02/13/12889/telnetd-%e5%87%ba%e5%8c%85/

Telnetd 出包

#flaw #gnu #inetutils #login #network #root #security #telnet #telnetd #user

2.7までのGNU inetutilsに含まれるtelnetdに、細工した環境変数を送信するだけで認証を回避して特権ユーザーでのログインが可能な脆弱性が発見されたらしい。CVE-2026-24061。いまどきtelnetdをThe Internetに露出している人はそうそういないはずとはいえ、なかなか興味深いので調べてみたところ。`telnetd`が`execv()`で呼び出す`/usr/bin/login`のコマンドラインオプションをうまく使うことでそういうことができてしまうようで、正直興奮した。

https://www.safebreach.com/blog/safebreach-labs-root-cause-analysis-and-poc-exploit-for-cve-2026-24061/

#CVE #GNU #inetutils #login #telnetd #サイバーセキュリティ #セキュリティ #情報セキュリティ #脆弱性

@jas

My first suspect for a #login not supporting -- would be something with a 1980s history pre-dating standard #getopt, such as Solaris, which is ironic given that #inetutils has its only -- present in conditionally compiled code targetting Solaris.

#FreeBSD, #NetBSD, and #OpenBSD login all use getopt(), pervasive in these worlds for decades, as do the util-linux login (used by Debian et al.), and the #Illumos and #BusyBox logins.

#suckless login supports -- via ARGBEGIN.

@ska @cazabon

@ska

Looking at the commit and the code as it still stands today, it is interesting that only on Solaris does it even try to use -- in the arguments to login to signal the end of options, and even then only in limited circumstances.

#FreeBSD telnetd, for comparison, always puts -- in before the supplied account name.

I wonder how long it will be before the lesson is properly learned.

@jas
#getopt #login #telnetd #inetutils

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments

Assigning your copyright to the FSF helps defend the GPL and keep software free. Thanks to Benjamin Woodruff, Jeffrey Bencteux, John Muhl, Matheus Branco Borella, Sergey Alexandrovich Bugaev, and Wang Diancheng for assigning their copyright to the FSF! #Inetutils, #GDB, #GCC, #GNUCLib, #GNUHurd, #GNUMach, #GNUstep, #Emacs, and more: https://u.fsf.org/3ht #CopyrightAssignments