1) Open source isn't more secure. This is an old assumption. 2) There is no such thing as closed source anymore. Everything is chock-full of open source. https://twitter.com/hackerfantastic/status/1072533649411751937
Replying to @joshbressers
I disagree, the reason nobody paid much attention to telnet in inetutils is because a) nobody uses it and b) it's not security sensitive. telnet isn't setuid, and if you can set DISPLAY, you might as well just set LD_PRELOAD, or use !sh to just run commands.
Replying to @taviso @joshbressers
People do use OpenSSH and it *is* security sensitive, and you better believe people study every line. I wouldn't trust any proprietary SSH implementation.
Replying to @taviso @joshbressers
He is not wrong, though USER= is passed via -l and could be set in a URI handler via user@, making it more interesting as the heap code could be remotely reachable - https://twitter.com/hackerfantastic/status/1065095950606221312?s=19
Hacker Fantastic added,
Hacker Fantastic @hackerfantastic: I've never seen "encryption-free" SSH, I didn't believe it was real - so I looked it up. @mikrotik_com permits you to log in via password-based authentication over SSH... in clear text! My password is "SECRETKEY" and can be clearly seen once "none" is selected as a cipher type.
pic.twitter.com/sBM2MRs7sR
Replying to @hackerfantastic @joshbressers
Do you have an example of any vulnerable usage? It's hard to believe anybody is doing that, that's what I mean: I don't think anybody spent any time auditing telnet from inetutils, because it's not used anywhere security sensitive.
Replying to @taviso @joshbressers
telnet has been removed as a URI handler from modern browsers, there are plenty of embedded devices with restricted shells though.
Replying to @hackerfantastic @joshbressers
Yep, I've never seen any telnet:// URI handler that would invoke telnet from inetutils. Do you have an example of an embedded device that allows you to invoke it in such a way? I think most would use BSD variants, I'm surprised to hear "plenty".
Replying to @taviso @joshbressers
NetBSD contains the vulnerable code path and I linked you to a platform using it already ;-)
I don't think NetBSD would be using GNU inetutils. They might have a similar bug, but the same point applies that it has to be used in a security sensitive context (a telnet:// URI handler, for example). Are you saying that Mikrotik is using it and it is vulnerable?
This Tweet is unavailable.
Yep, in pkgsrc, that's not part of NetBSD. Nobody is disputing the bug exists, I'm asking if there are any usages that make it a security bug.
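The disagreement above turns on one question: does anything hand attacker-controlled strings to the inetutils telnet client? Hacker Fantastic's point is that a telnet:// URI handler would turn the user@ part of a link into `-l USER`, which is exactly the argument that ends up in the telnet environment. The following is an added illustration, not code from inetutils, from any browser, or from either participant: a hypothetical URI handler that builds the telnet argv the permissive way, beside a hardened version that refuses usernames outside a conservative allowlist before exec. The allowlist, the function names and the 32-character limit are all assumptions made for this example; it does not reproduce or trigger the heap bug being discussed, it only shows where the `-l` value comes from and the check a handler should apply.

```python
import re
from urllib.parse import urlsplit

# Hypothetical allowlist for usernames accepted from a link (an assumption for this
# example, not a rule taken from inetutils or any real URI handler).
SAFE_USER = re.compile(r"^[A-Za-z0-9._-]{1,32}$")


def naive_telnet_argv(uri):
    """Mirror what a permissive telnet:// handler does with a link.

    user@ from the URI becomes '-l USER', so a remote page controls the string
    telnet later exports into its environment. Returns the argv list.
    """
    u = urlsplit(uri)
    if u.scheme != "telnet" or not u.hostname:
        raise ValueError("not a telnet URI")
    argv = ["telnet"]
    if u.username is not None:
        argv += ["-l", u.username]  # attacker-chosen, straight from the link
    argv.append(u.hostname)
    if u.port is not None:
        argv.append(str(u.port))
    return argv


def hardened_telnet_argv(uri):
    """Same mapping, but refuse to pass a username that fails the allowlist."""
    u = urlsplit(uri)
    if u.username is not None and not SAFE_USER.match(u.username):
        raise ValueError("refusing unsafe username from URI")
    return naive_telnet_argv(uri)


if __name__ == "__main__":
    # Constructed sample links, not real pages or devices.
    benign = "telnet://root@host.example:2323"
    hostile = "telnet://" + "A" * 4096 + "@host.example"
    print(naive_telnet_argv(benign))
    print(len(naive_telnet_argv(hostile)[2]), "byte username would reach telnet -l")
    try:
        hardened_telnet_argv(hostile)
    except ValueError as e:
        print("hardened handler:", e)
```

The naive handler is the shape that makes the bug remotely reachable in the sense Hacker Fantastic describes; taviso's counterpoint that no shipping telnet:// handler invokes the inetutils client is why the check matters mainly for embedded images that still wire one up.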