However, some Linux distributions may still be using krb5-appl. In any case, krb5-appl is no longer supported upstream and is not recommended for new deployments. Mitigating factors include that the telnetd application is typically installed only on trusted host, typically a server. It is not typically installed on client systems, where telnetd is not needed. As such, the potential impact of this issue is typically low. Vulnerable installations of telnetd have typically been updated and are no longer at risk.

END The telnet daemon has a NULL pointer dereference when receiving invalid length or invalid data packets. This could lead to a crash of the telnet daemon or an escalation of privilege if the telnet daemon runs with root privileges.

CVE-2018-12120 It was discovered that the getaddrinfo() function in the GNU C Library (aka glibc or libc6) did not properly validate user-supplied input when performing DNS resolution. An attacker could use this flaw to run a crafted DNS query that could cause the getaddrinfo() function to crash and potentially execute arbitrary code as the root user.

CVE-2018-7584 It was discovered that the getaddrinfo() function in the GNU C Library (aka glibc or libc6) did not properly validate type restrictions when resolving host names. An attacker could use this flaw to run a crafted DNS query that could cause getaddrinfo()

Check if you can run telnetd without any problems

The CVEs (Common Vulnerabilities and Exposures) listed above are common vulnerabilities. They affect a wide range of Linux distributions, with the exception of krb5-appl, which is no longer supported upstream. The vulnerability could be mitigated by disabling telnet daemon services on clients.

Cacti

: What Is It, and How Can You Use it?
Cacti is a free and open source monitoring system that collects data from many different types of network device. It’s used to monitor things like CPU load, disk usage, memory pressure, disk space, and much more. Cacti can be used in a variety of ways. For example, you can use cacti to monitor your Linux servers and applications. Another interesting way to use cacti is as a graphical frontend for vnstat. If you want to monitor your bandwidth usage via SNMP for example, cacti will do that for you just by adding the correct configuration file in the right directory. We decided to go with cacti because it’s open source and easy to use.

Timeline

Published on: 08/30/2022 05:15:00 UTC
Last modified on: 09/06/2022 17:34:00 UTC

References