Package: ckermit Version: 211-7 Severity: normal The kermit server, iksd, allows remote users to identify valid accounts on the system with minimal effort. Telnet to the iksd port, and enter a username. If the username exists, then a password prompt is displayed. If it doesn't, then an authentication failure is returned immediately. This makes it trivial to find out which usernames are valid on the remote system and which aren't.
-- System Information: Debian Release: 4.0 APT prefers experimental APT policy: (1000, 'experimental'), (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-4-686 Locale: LANG=en_AU, LC_CTYPE=en_AU (charmap=ISO-8859-1) Versions of packages ckermit depends on: ii debconf [debconf-2.0] 1.5.13 Debian configuration management sy ii libc6 2.5-0exp6 GNU C Library: Shared libraries ii libncurses5 5.5-5 Shared libraries for terminal hand ii libpam0g 0.79-4 Pluggable Authentication Modules l ii libsocksd 1.1.18-2.1 SOCKS library for packages built u ii netbase 4.29 Basic TCP/IP networking system Versions of packages ckermit recommends: ii openssh-client [ssh-client] 1:4.3p2-9 Secure shell client, an rlogin/rsh -- debconf information excluded -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
