| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 14 Feb 2007 18:09:09 -0200 From: Rodrigo Barbosa <rodrigob@...kover.org> To: Gadi Evron <ge@...uxbox.org> Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com Subject: Re: Solaris telnet vulnberability - how many on your network? -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, Feb 12, 2007 at 12:00:30AM -0600, Gadi Evron wrote: > Johannes Ullrich from the SANS ISC sent this to me and then I saw it on > the DSHIELD list: > > ---- > If you run Solaris, please check if you got telnet enabled NOW. If you > can, block port 23 at your perimeter. There is a fairly trivial > Solaris telnet 0-day. > > telnet -l "-froot" [hostname] > > will give you root on many Solaris systems with default installs > We are still testing. Please use our contact form at > https://isc.sans.org/contact.html > if you have any details about the use of this exploit. > ---- - -l -froot ? Wow. We used to have bad bug on AIX, back in 1995 or so. It was long fixed. If I recall correctly, it was also present on SunOS, or maybe Solaris 1 or 2, but I'm not sure of anything but AIX. []s - -- Rodrigo Barbosa "Quid quid Latine dictum sit, altum viditur" "Be excellent to each other ..." - Bill & Ted (Wyld Stallyns) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFF02xlpdyWzQ5b5ckRAvn4AJ4/iugzlRRWBOuX+L28SYcizu/40QCgsxG9 V6Zi1d13THRoJ9Sl4lugfq8= =rB7s -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists