abadidea2d ago
enjoyed this telnetd analysis. (if you can’t believe anyone has a legitimate operational reason to run telnet, you live in a cozy world indeed) https://labs.watchtowr.com/a-32-year-old-bug-walks-into-a-telnet-server-gnu-inetutils-telnetd-cve-2026-32746/
A 32-Year-Old Bug Walks Into A Telnet Server (GNU inetutils Telnetd CVE-2026-32746)

A long, long time ago, in a land free of binary exploit mitigations, when Unix still roamed the Earth, there lived a pre-authentication Telnetd vulnerability. In fact, this vulnerability was born so long ago (way back in 1994) that it may even be older than you. To put the timespan

watchTowr Labs
Show threadGlyph2d ago
@0xabad1dea do you have a specific example of such a legit need? I do not typically think of myself as “sheltered” but this one eludes me
Show threadabadidea2d ago
@glyph wander into any factory in the world and you'll find 30yo industrial machinery that's been running the same firmware the entire time and trying to fiddle with it is liable to end the business
Show threadTrammell Hudson2d ago
@0xabad1dea @glyph I visited a semiconductor fab in Chippewa Falls in 2013 and was shocked to find that the production line also doubled as a retrocomputing museum with Sun 3 and VAX hardware still in operation.
Show threadjulf2d ago
@th @0xabad1dea @glyph I assume the Cray was not operational any more?
Show threadTrammell Hudson
@julf that Cray XMP was a static display and no longer operational. my guess is they don't have anyone who can rewire it.
Mar 25 at 10:20amWeb
Show threadjulf2d ago
@th Wow! They need a Jacquard loom...