Post B2UNpGg6plU4X0eGPI by mttaggart@infosec.exchange
 (DIR) More posts by mttaggart@infosec.exchange
 (DIR) Post #B2UNpGg6plU4X0eGPI by mttaggart@infosec.exchange
       2026-01-20T20:47:28Z
       
       0 likes, 0 repeats
       
       WowowowIf the client supply[sic] a carefully crafted USER environment value being the string "-f root", and passes the telnet(1) -a or --login parameter to send this USER environment to the server, the client will be automatically logged in as root bypassing normal authentication processes.https://seclists.org/oss-sec/2026/q1/89
       
 (DIR) Post #B2UNpIFwxzkPQSQOuW by mttaggart@infosec.exchange
       2026-01-20T21:29:41Z
       
       1 likes, 0 repeats
       
       Well dang