oss-security - Re: Telnetd Vulnerability Report

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

Message-ID: <20260224230108.GK3223@qaa.vinc17.org>
Date: Wed, 25 Feb 2026 00:01:08 +0100
From: Vincent Lefevre <vincent@...c17.net>
To: oss-security@...ts.openwall.com
Subject: Re: Telnetd Vulnerability Report

On 2026-02-24 12:48:14 -0800, Lyndon Nerenberg (VE7TFX/VE6BBM) wrote:
> > On Tue, Feb 24, 2026 at 05:05:58AM -0500, kf503bla@...k.com wrote:
> > > Who uses telnet anyway? It's deprecated. Everyone uses ssh for any kind of 
> > remote access.
> 
> TELNET != login.  Before you utter those words again in the same
> sentence, please read the Telnet RFC.  Notice how the term "login"
> appears nowhere in that document.

Here, this is not just about telnet, but about telnetd, which
involves a login process:

https://man.freebsd.org/cgi/man.cgi?query=telnetd&sektion=8&format=html

-- 
Vincent Lefèvre <vincent@...c17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / Pascaline project (LIP, ENS-Lyon)

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.