[原文]** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The Telnet service is running."
telnet Protocol Unencrypted Transmission Information Disclosure
Remote / Network Access
Loss of Confidentiality
The telnet protocol may allow a remote attacker to gain access to sensitive information. The issue is due to the protocol not encrypting the traffic sent between two machines. This allows an attacker with access to the network to potentially monitor or 'sniff' the traffic. Any information transmitted including logins, passwords and sensitive information may be disclosed to any attacker on the same subnet.
Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: Disable telnet and other unencrypted protocols. Install an encrypted protocol such as SSH to handle remote access.