ProductsDesktop Server Red Hat Enterprise Linux OpenStack Platform For IBM POWER For IBM System z For SAP Business Applications Red Hat Satellite Management For Scientific ComputingExtended Update Support High Availability High Performance Network Load Balancer Resilient Storage Scalable File System Smart Management Extended Lifecycle SupportAccelerate Automate Integrate Red Hat JBoss BPM Suite Red Hat JBoss Developer Studio Portfolio Edition Web Framework Kit Application Platform Web Server Data Grid Portal Fuse Red Hat JBoss A-MQ BRMS Red Hat JBoss Fuse Service Works JBoss Operations Network JBoss Community or JBoss enterprise Red Hat JBoss Data Virtualization
SolutionsWhy Red Hat Why open hybrid cloud? The new IT Public cloud Cloud resource library Private cloud Infrastructure-as-a-Service (IaaS) Platform-as-a-Service (PaaS) Cloud applications and workloadsSolaris to Red Hat Enterprise Linux Migration overview Migrate from your UNIX platform How to migrate to Red Hat Enterprise Linux Upgrade to the latest Red Hat Enterprise Linux release JBoss Enterprise Middleware Benefits of migrating to Red Hat Enterprise Linux Migration services Start a conversation with Red Hat
TrainingPopular and new courses Red Hat JBoss Administration curriculum Core System Administration curriculum Red Hat JBoss Middleware Development curriculum Advanced System Administration curriculum Linux Development curriculum Cloud Computing, Virtualization, and Storage curriculum
ConsultingSOA and integration Business process management Cloud and virtualization Custom Software Development Enterprise Data and Storage Systems management Migrations
Critical Kerberos Telnet Daemon Flaw
April 3, 2007
by Security Team
A critical flaw was announced today that affects the MIT Kerberos telnet daemon, distributed with all versions of Red Hat Enterprise Linux. With this flaw, an attacker who can access the telnet port of a target machine could log in remotely as root without requiring a password.
The Kerberos telnet daemon is not enabled by default in any version of Red Hat Enterprise Linux. In addition, the default firewall rules block remote access to the telnet port.
This flaw is similar to the Solaris telnet daemon flaw reported earlier in the year, but the exact flaw and exploit mechanism are technically slightly different.
While we are not aware of this flaw being actively exploited at this time, we have confirmed that this would not be difficult. We therefore urge all users who have enabled the Kerberos telnet daemon to apply the update as soon as possible, and to disable the daemon in the meantime.
Red Hat would like to thank MIT for reporting this flaw. This issue was assigned CVE itentifier CVE-2007-0956 and was reported to the Red Hat security response team on February 21, 2007 with an embargo date of April 3, 2007.