NetBSD Problem Report #59649

From www@netbsd.org  Fri Sep 12 04:23:16 2025
Return-Path: <www@netbsd.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256
	 client-signature RSA-PSS (2048 bits) client-digest SHA256)
	(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
	by mollari.NetBSD.org (Postfix) with ESMTPS id 1E2C91A923C
	for <gnats-bugs@gnats.NetBSD.org>; Fri, 12 Sep 2025 04:23:16 +0000 (UTC)
Message-Id: <20250912042314.EF24D1A923D@mollari.NetBSD.org>
Date: Fri, 12 Sep 2025 04:23:14 +0000 (UTC)
From: TRECHOROS@proton.me
Reply-To: TRECHOROS@proton.me
To: gnats-bugs@NetBSD.org
Subject: Shim telnet to brut-force login
X-Send-Pr-Version: www-1.0

>Number:         59649
>Category:       security
>Synopsis:       Shim telnet to brut-force login
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    security-officer
>State:          open
>Class:          support
>Submitter-Id:   net
>Arrival-Date:   Fri Sep 12 04:25:00 +0000 2025
>Originator:     Justin-allen parrott
>Release:        Probably all bsd affected
>Organization:
(solo)
>Environment:
Theoretical
>Description:
Use inetd to shim telnet between the dictionary host and password attempt (login). On openbsd shim with ssh.
I mentioned this on security@ a few years ago and was met with hostility, an answer came to me as to how to use an suid.login to brute the user-host. If the attempt threads he could work through a dictionary at an accelerated rate, time delay require-ments wouldn't stop him.
>How-To-Repeat:
I have only thought this through, i don't have a host to test. i welcome civil feed-back.
>Fix:
Put your time-delay effect deeper into the system so that multiple login attempts are spaced.

Home	PR Database Search