lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <f3605ab90702131428k559e597h26a7d9c655dd988f@mail.gmail.com>
Date: Tue, 13 Feb 2007 14:28:30 -0800
From: "Ham Beast" <i.am.hambeast@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Solaris telnet vulnberability - how many on
	your network?

seriously why the fuck is 100000 email on the telnet of the solaris with
worthless content by gadi enron in mine inbox?

off take your jacket sports please !!!!!!!!

On 2/13/07, Casper.Dik@....com <Casper.Dik@....com> wrote:
>
>
> >On Tue, 13 Feb 2007 Casper.Dik@....COM wrote:
> >>
> >> >On Tue, 13 Feb 2007 Casper.Dik@....COM wrote:
> >> >>
> >> >> >
> >> >> >Am I missing something?  This vulnerability is close to 10 years
> old.
> >> >> >It was in one of the first versions of Solaris after Sun moved off
> of
> >> >> >the SunOS BSD platform and over to SysV.  It has specifically to do
> w=
> >> >> >ith
> >> >> >how arguments are processed via getopt() if I recall correctly.
> >> >>
> >> >> You're confused with AIX/Linux
> >> >>
> >> >> Solaris did not have the -f option in login until much later.
> >> >
> >> >Hi Casper. While we have you here, any idea on when Sun will be
> patching
> >> >this issue?
> >>
> >> Now, follow the links from http://sunsolve.sun.com/tpatches
> >>
> >> Casper
> >>
> >
> >Many thanks Casper! Can you give some more information on exactly what is
> >patched. Any Sun released advisory?
>
>
> The simplest possible fix on such short notice:
>
>
> http://cvs.opensolaris.org/source/diff/onnv/onnv-gate/usr/src/cmd/cmd-inet/usr.sbin/in.telnetd.c?r2=3629&r1=2923
>
> Casper
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ