abadidea2d ago
enjoyed this telnetd analysis. (if you can’t believe anyone has a legitimate operational reason to run telnet, you live in a cozy world indeed) https://labs.watchtowr.com/a-32-year-old-bug-walks-into-a-telnet-server-gnu-inetutils-telnetd-cve-2026-32746/
A 32-Year-Old Bug Walks Into A Telnet Server (GNU inetutils Telnetd CVE-2026-32746)

A long, long time ago, in a land free of binary exploit mitigations, when Unix still roamed the Earth, there lived a pre-authentication Telnetd vulnerability. In fact, this vulnerability was born so long ago (way back in 1994) that it may even be older than you. To put the timespan

watchTowr Labs
Show threadRodger2d ago
@0xabad1dea it is delightful “That was so long ago that RISC was still a distant dream.” Made my eye twitch like an old man who realises that his youth has become sufficiently history that the details have flattened out
Show threadBrad Howes
@rodgerd @0xabad1dea that line about RISC caught my eye. It is not true, however. RISC systems started appearing in the 80s, especially the Sun SPARC ones that I used at my first job out of college in 1988.
Mar 25 at 8:02amMastodon for iOS