FBI warns as Unix server flaw gets automated | The Register

Skip to content

Security:

News Tools

Reg Shops

Top Stories

Read more top stories

Related Whitepapers

The Perfect (Virtual) Marriage
Deduplication and VMware
Enforce Your Email and Web Acceptable Usage Policies
Not Just Words
Making Green IT a Reality
Customer Perspectives on the Impact of Storage Vendor Decisions on Power, Cooling, & Space in Enterprise Data Centers
Search Engine Link Spam
Risks, Threats, Solution
Solution Brief: Reduce Energy Costs
With Green IT Solutions
Eliminating the Security Risk of Sending Confidential Information by Email
Email Encryption

The Register » Security »

FBI warns as Unix server flaw gets automated

The agony of x.c

By John Leyden → More by this author

Published Monday 3rd September 2001 17:14 GMT

A worm called x.c, which takes advantage of a buffer overflow vulnerability in the telnet daemon program commonly used on Unix boxes, has being discovered, and security experts fear it is a harbinger of worse to come.

Many of these organisations, such as the FBI's National Infrastructure Protection Centre, overplayed the destructive nature of the Code Red worm but that's not to say there isn't a problem here. The security loophole might allow an attacker to take control of a victim's system, and it is suspected as the root cause behind a number of recent hacks, so it's well worth reviewing the vulnerability.

The flaw, which was first reported last month, primarily affects BSD-derived Telnet daemons, which are used on Solaris, AIX, HP-UX and several versions of Linux-based servers, for example. More information on affected systems, possible workarounds and how to obtain fixes has been published by CERT and is available here. ®

Update

In our original story we had a headline that warned that the telnetd bug. This is an oversimplification that we've now deleted.

External Links

FBI Alert: Buffer Overflow Vulnerability in Telnet Daemon

Email Encryption report: Eliminating the Security Risk of Sending Confidential Information by Email

Track this type of story as a custom Atom/RSS feed or by email.

Post to Slashdot

Add to del.icio.us

Previous Article

From small embedded OS to the world's most used open mobile OS

whitepaper title

The Perfect (Virtual) Marriage

Get consistent virtual machine storage savings of 50% (often as high as 90%) with virtually no performance impact with NetApp deduplication..

whitepaper title

Enforce Your Email and Web Acceptable Usage Policies

Unmanaged employee use of email and the web can subject any organization to costly risks. Learn how clearly written Email and Web Acceptable Usage Policies (AUPs) can protect your business.

Whitepapers	Jobs
Average CPU Power (ACP) AXIGEN Product Review Reducing the complexity and cost of the print environment Traditional Security Systems will not Protect Against All Web-Borne Threats	Perl Consultant Database Administrator and Developer Remove non english characters small perl job Perl/Sybase Programmer Perl Developer Full-time PERL / CGI Programmer for UNIX environment

Top 20 stories • All The Week’s Headlines • Archive • Search