Solaris telnet vulnberability - how many on your network? Feb 12 2007 06:00AM
Gadi Evron (ge linuxbox org) (2 replies)
Johannes Ullrich from the SANS ISC sent this to me and then I saw it on
the DSHIELD list:

----
If you run Solaris, please check if you got telnet enabled NOW. If you
can, block port 23 at your perimeter. There is a fairly trivial
Solaris telnet 0-day.

telnet -l "-froot" [hostname]

will give you root on many Solaris systems with default installs
We are still testing. Please use our contact form at
https://isc.sans.org/contact.html
if you have any details about the use of this exploit.
----

You mean they still use telnet?!

Update from HD Moore:
"but this bug isnt -froot, its -fanythingbutroot =P"

On the exploits@ mailing list and on DSHIELD this vulnerability was
verified as real.

If Sun doesn't yet block port 23/tcp incoming on their /8, I'd make it a
strong suggestion.

Anyone else running Solaris?

Gadi.

[ reply ]
Re: Solaris telnet vulnberability - how many on your network? Feb 14 2007 10:41AM
Leandro Gelasi (leandro gelasi tiscali it)
RE: Solaris telnet vulnberability - how many on your network? Feb 13 2007 06:10AM
Oliver Friedrichs (oliver_friedrichs symantec com) (2 replies)
Re: Solaris telnet vulnberability - how many on your network? Feb 13 2007 06:11PM
Casper Dik Sun COM (1 replies)
Re: Solaris telnet vulnberability - how many on your network? Feb 13 2007 08:49PM
Gadi Evron (ge linuxbox org) (1 replies)
Re: Solaris telnet vulnberability - how many on your network? Feb 13 2007 08:53PM
Casper Dik Sun COM (1 replies)
Re: Solaris telnet vulnberability - how many on your network? Feb 13 2007 08:56PM
Gadi Evron (ge linuxbox org) (2 replies)
Re: Solaris telnet vulnberability - how many on your network? Feb 13 2007 09:00PM
Casper Dik Sun COM (1 replies)
Re: Solaris telnet vulnberability - how many on your network? Feb 14 2007 12:16AM
Joe Shamblin (wjs cs duke edu) (3 replies)
Re: Solaris telnet vulnberability - how many on your network? Feb 15 2007 06:51AM
Darren Reed (avalon caligula anu edu au)
RE: [Full-disclosure] Solaris telnet vulnberability - how many onyour network? Feb 14 2007 02:25PM
David Taylor (ltr isc upenn edu)
Re: Solaris telnet vulnberability - how many on your network? Feb 13 2007 08:59PM
Gadi Evron (ge linuxbox org)
RE: Solaris telnet vulnberability - how many on your network? Feb 13 2007 09:46AM
Gadi Evron (ge linuxbox org) (2 replies)
Re: Solaris telnet vulnberability - how many on your network? Feb 13 2007 08:19PM
georg oppenberg deu mci com
RE: Solaris telnet vulnberability - how many on your network? Feb 13 2007 07:36PM
Michal Zalewski (lcamtuf dione ids pl) (1 replies)
Re: Solaris telnet vulnberability - how many on your network? Feb 13 2007 09:01PM
Casper Dik Sun COM (2 replies)
Re[2]: Solaris telnet vulnberability - how many on your network? Feb 14 2007 12:32AM
Thierry Zoller (Thierry Zoller lu) (2 replies)
Re: Re[2]: Solaris telnet vulnberability - how many on your network? Feb 15 2007 06:49AM
Darren Reed (avalon caligula anu edu au) (2 replies)
Reflections on Trusting Trust [was: Re: Solaris telnet ...] Feb 16 2007 01:19AM
Gadi Evron (ge linuxbox org)
RE: Re[2]: Solaris telnet vulnberability - how many on your network? Feb 15 2007 07:10PM
Evans, Thomas (ttevans hawkcorp net)
RE: Re[2]: Solaris telnet vulnberability - how many on your network? Feb 14 2007 09:28PM
Roger A. Grimes (roger banneretcs com) (1 replies)
RE: Re[2]: Solaris telnet vulnberability - how many on your network? Feb 15 2007 12:55AM
Gadi Evron (ge linuxbox org)
Re: Solaris telnet vulnberability - how many on your network? Feb 13 2007 09:08PM
Gadi Evron (ge linuxbox org) (1 replies)
Re: Solaris telnet vulnberability - how many on your network? Feb 14 2007 09:15PM
Damien Miller (djm mindrot org) (1 replies)
Re: Solaris telnet vulnberability - how many on your network? Feb 15 2007 12:50AM
Gadi Evron (ge linuxbox org)


 

Privacy Statement
Copyright 2010, SecurityFocus