Back to search

Linux BSD-derived Telnet Service Encryption Key ID Buffer Overflow

This module exploits a buffer overflow in the encryption option handler of the Linux BSD-derived telnet service (inetutils or krb5-telnet). Most Linux distributions use NetKit-derived telnet daemons, so this flaw only applies to a small subset of Linux systems running telnetd.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name

exploit/linux/telnet/telnet_encrypt_keyid

Authors

  • Jaime Penalba Estebanez <jpenalbae [at] gmail.com>
  • Brandon Perry <bperry.volatile [at] gmail.com>
  • Dan Rosenberg
  • hdm <x [at] hdm.io>

References

Targets

  • Automatic
  • Red Hat Enterprise Linux 3 (krb5-telnet)

Platforms

  • linux

Reliability

Development

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use exploit/linux/telnet/telnet_encrypt_keyid msf exploit(telnet_encrypt_keyid) > show targets ...targets... msf exploit(telnet_encrypt_keyid) > set TARGET <target-id> msf exploit(telnet_encrypt_keyid) > show options ...show and set options... msf exploit(telnet_encrypt_keyid) > exploit

Related Vulnerabilities

Related Modules