The Computer Emergency Response Team (CERT) has issued an advisory warning anyone that uses Telnet to upload files onto servers based on the Berkeley Software Design (BSD) operating system.
That’s because there is a vulnerability that can “crash the server or be leveraged to gain root access,” CERT warned.
The vulnerability resides in a remotely exploitable buffer overflow in telnet daemons derived from BSD source code.
The CERT advisory went on to say that the only solution is to install a patch from your vendor, if one is available.
According to a report on Newsbytes.com, hundreds of servers running the BSD operating system have been defaced since the buffer overflow bug was publicized last week, including the server of Palnet Communications Ltd., a Jerusalem-based Web hosting firm, by a pro-Israeli hacking group calling itself “m0sad.”