| VID | Severity | Port | Protocol | Class |
|---|---|---|---|---|
| 23003 | 40 | 517,518 | UDP | TALKD |

| Detailed Description |
The talkd daemon is running. talkd is a communication program that copies text between users' terminals and supports talk conversations between local or remote users. An attacker may use it to abuse legitimate users by conversing with them under a false identity (social engineering). In addition, some old versions of talkd perform insufficient bounds checking on the buffer where the hostname is stored during talk connection setup, which may make it possible to force talkd to execute arbitrary commands.

References:
- http://www.cert.org/advisories/CA-1997-04.html
- http://www.iss.net/security_center/static/2988.php
| Recommendation |
Disable the talkd service if you do not use it.

1. Comment out the talkd service line in /etc/inetd.conf:

```
# grep -i talk /etc/inetd.conf
talk dgram udp wait root /usr/etc/in.talkd in.talkd
```

becomes

```
#talk dgram udp wait root /usr/etc/in.talkd in.talkd
```

2. Restart inetd by sending the inetd process a HUP signal.

SYSV:

```
# ps -ef | grep inetd | grep -v grep
# kill -HUP {inetd PID}
```

BSD:

```
# ps -aux | grep inetd | grep -v grep
# kill -HUP {inetd PID}
```

--- OR ---

Disable talkd access from the network by adding the appropriate rule on your firewall.
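As an added example, not taken from the original advisory, the following POSIX shell script performs step 1 on an inetd.conf-style file and then checks that no active talk or ntalk entry remains. The function names, the backup path and the sample inetd.conf are assumptions; sending inetd a HUP is still done as described above.

```shell
#!/bin/sh
# Added example, not part of the original advisory: comment out talk/ntalk
# entries in an inetd.conf-style file and verify that none remain active.
# Assumes the classic inetd.conf layout (service name is the first field).

# disable_talkd FILE: write FILE.bak, then comment out every uncommented
# line whose service field is "talk" or "ntalk" (UDP 517 and 518).
disable_talkd() {
    conf="$1"
    cp "$conf" "$conf.bak" || return 1
    sed -e 's/^\([[:space:]]*n\{0,1\}talk[[:space:]]\)/#\1/' "$conf.bak" > "$conf"
}

# talkd_disabled FILE: exit 0 only if no active talk/ntalk entry remains.
# This is the check that closes a scanner finding like this one.
talkd_disabled() {
    ! grep -E '^[[:space:]]*n?talk[[:space:]]' "$1" >/dev/null
}

# Constructed sample inetd.conf used only for the demonstration below.
demo_conf=$(mktemp)
cat > "$demo_conf" <<'EOF'
ftp     stream  tcp     nowait  root    /usr/sbin/in.ftpd   in.ftpd
talk    dgram   udp     wait    root    /usr/etc/in.talkd   in.talkd
ntalk   dgram   udp     wait    root    /usr/etc/in.ntalkd  in.ntalkd
EOF

talkd_disabled "$demo_conf" && echo "talkd already off" || echo "talkd enabled; disabling"
disable_talkd "$demo_conf"
talkd_disabled "$demo_conf" && echo "talkd disabled:" && grep '^#' "$demo_conf"
rm -f "$demo_conf" "$demo_conf.bak"
```

Run it against a copy of /etc/inetd.conf first and diff the result against the .bak file before applying it to the live configuration.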
| Related URL | CVE-1999-0048 (CVE) |
| Related URL | (SecurityFocus) |
| Related URL | (ISS) |