https://community.hpe.com/t5/operating-system-hp-ux/telnet-daemon-termcap-check/m-p/2565905#M759274 Telnet by nature sends plain text through the network, which is sniffable, there are numerous other problems with telnet besides this. Try installing SSH or OpenSSH. It will provide you the same functionality with an encrypted data stream.<BR /><A href="http://www.ssh.com" target="_blank">http://www.ssh.com</A><BR /><A href="http://www.openssh.com" target="_blank">http://www.openssh.com</A><BR /><BR />Hope this helps<BR /><BR />Brian Thu, 13 Sep 2001 15:42:56 GMT Brian Markus 2001-09-13T15:42:56Z https://community.hpe.com/t5/operating-system-hp-ux/telnet-daemon-termcap-check/m-p/2565901#M759270 I am using HP-UX 11.0 <BR />for security auditing with cybercop , following is high risk result:<BR /><BR />Description: This module determines whether the remote telnet daemon is vulnerable<BR /> to a buffer overflow attack in the tgetent library routine when parsing <BR /> a terminal capability file. By uploading an alternate TERMCAP file, <BR /> an attacker can specify the path to this file and cause the telnet <BR /> daemon to execute arbitrary commands.<BR /> Security Concerns: Remote attackers can obtain superuser access remotely by connecting<BR /> to the telnet daemon.<BR /> Suggestion: Affected vendors have released patches for this problem. If your<BR /> system is found to be vulnerable to this attack, contact your operating<BR /> system vendor for a patch or upgrade to a more recent release.<BR /> Additionally, upgrading to a version of libtermcap more recent than <BR /> 2.0.8 or to a telnet daemon that relies on ncurses will eliminate this <BR /> vulnerability.<BR />------------------<BR /><BR />by the way I already install the latested telnet patch and cannot find any patch to resolved this risk.<BR /><BR />please advise,<BR />thanks Thu, 16 Aug 2001 06:48:48 GMT https://community.hpe.com/t5/operating-system-hp-ux/telnet-daemon-termcap-check/m-p/2565901#M759270 Printaporn_1 2001-08-16T06:48:48Z https://community.hpe.com/t5/operating-system-hp-ux/telnet-daemon-termcap-check/m-p/2565902#M759271 <BR />This is not a risk on HPux 11.xx Thu, 16 Aug 2001 11:52:37 GMT https://community.hpe.com/t5/operating-system-hp-ux/telnet-daemon-termcap-check/m-p/2565902#M759271 harry d brown jr 2001-08-16T11:52:37Z https://community.hpe.com/t5/operating-system-hp-ux/telnet-daemon-termcap-check/m-p/2565903#M759272 Secure your telnet daemon allowing only incoming sessions from local networt (edit /var/adm/inetd.sec file). And monitorize logins and bad logins connections using last and lastb commands. Look permissions at /var/adm/bmtp and /var/adm/wtmp files. Fri, 17 Aug 2001 05:23:13 GMT https://community.hpe.com/t5/operating-system-hp-ux/telnet-daemon-termcap-check/m-p/2565903#M759272 Manuel P. Ron 2001-08-17T05:23:13Z https://community.hpe.com/t5/operating-system-hp-ux/telnet-daemon-termcap-check/m-p/2565904#M759273 telnetd is per se a security risk:<BR /><A href="http://www.securityportal.com/cover/coverstory20000814.html" target="_blank">http://www.securityportal.com/cover/coverstory20000814.html</A><BR /><BR />Disable it, and also tighten security by using tcp_wrappers.<BR /> Fri, 17 Aug 2001 10:38:31 GMT https://community.hpe.com/t5/operating-system-hp-ux/telnet-daemon-termcap-check/m-p/2565904#M759273 Ralf Hildebrandt 2001-08-17T10:38:31Z https://community.hpe.com/t5/operating-system-hp-ux/telnet-daemon-termcap-check/m-p/2565905#M759274 Telnet by nature sends plain text through the network, which is sniffable, there are numerous other problems with telnet besides this. Try installing SSH or OpenSSH. It will provide you the same functionality with an encrypted data stream.<BR /><A href="http://www.ssh.com" target="_blank">http://www.ssh.com</A><BR /><A href="http://www.openssh.com" target="_blank">http://www.openssh.com</A><BR /><BR />Hope this helps<BR /><BR />Brian Thu, 13 Sep 2001 15:42:56 GMT https://community.hpe.com/t5/operating-system-hp-ux/telnet-daemon-termcap-check/m-p/2565905#M759274 Brian Markus 2001-09-13T15:42:56Z