oss-sec mailing list archives
Re: Telnetd Vulnerability Report
From: Eddie Chapman <eddie () ehuk net>
Date: Tue, 24 Feb 2026 23:18:39 +0000
On 24/02/2026 20:33, Solar Designer wrote:
On Tue, Feb 24, 2026 at 05:05:58AM -0500, kf503bla () duck com wrote:Who uses telnet anyway? It's deprecated. Everyone uses ssh for any kind of remote access.Indeed. Yet: Quite many people surely do still use a telnet client to access various older/smaller devices
Yes. I would hazard a guess that the largest cohort of devices running a telnet server are enterprise switches, gateways & routers. So many times over the years I've been surprised to find a switch I'm configuring has a telnet as well as the obligatory http(s) server available for the admin to login via.
Albeit to a lesser extent these days, and more likely BusyBox telnetd than InetUtils. But switches are one of the most likely pieces of kit to be forgotten about and left running for 10+ years in a closet without a firmware update. There are a LOT of old switches running out there.
Current thread:
- Re: Telnetd Vulnerability Report, (continued)
- Re: Telnetd Vulnerability Report Solar Designer (Feb 24)
- Re: Telnetd Vulnerability Report Lyndon Nerenberg (VE7TFX/VE6BBM) (Feb 24)
- Re: Telnetd Vulnerability Report Vincent Lefevre (Feb 24)
- Message not available
- Re: Telnetd Vulnerability Report kf503bla (Feb 25)
- Re: Telnetd Vulnerability Report Solar Designer (Feb 25)
- Re: Telnetd Vulnerability Report Steffen Nurpmeso (Feb 25)
- Re: Telnetd Vulnerability Report Marco Moock (Feb 25)
- Re: Telnetd Vulnerability Report Steffen Nurpmeso (Feb 25)
- Re: Telnetd Vulnerability Report Lyndon Nerenberg (VE7TFX/VE6BBM) (Feb 25)
- Re: Telnetd Vulnerability Report Albert Veli (Feb 26)
- Re: Telnetd Vulnerability Report Eddie Chapman (Feb 24)
- Re: Telnetd Vulnerability Report Justin Swartz (Feb 24)
- Re: Telnetd Vulnerability Report Eddie Chapman (Feb 24)
- Re: Re: Telnetd Vulnerability Report Marco Moock (Feb 25)
- Re: Re: Telnetd Vulnerability Report Florian Weimer (Feb 26)