LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > Solaris / OpenSolaris
User Name
Password
Solaris / OpenSolaris This forum is for the discussion of Solaris, OpenSolaris, OpenIndiana, and illumos.
General Sun, SunOS and Sparc related questions also go here. Any Solaris fork or distribution is welcome.

Notices


Reply
  Search this Thread
Old 02-12-2007, 03:31 PM   #1
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
Solaris 10 & 11 telnet exploit allows remote root


ISC diary story on Solaris telnet vuln

Basically the telnet service daemon on Solaris 10 and 11 can be trivially exploited to allow unauthenticated login as any user, including root. The only complete fix is to disable the telnet service (which shouldn't be enabled in the first place, because you should be using ssh).
 
Old 02-12-2007, 05:24 PM   #2
Sintu
LQ Newbie
 
Registered: Jun 2006
Distribution: Ubuntu, Knoppix, any I can get my hands on!
Posts: 24

Rep: Reputation: 15
Eek, that be scary. Thanks for that post.
 
Old 02-13-2007, 03:56 AM   #3
jlliagre
Moderator
 
Registered: Feb 2004
Location: Outside Paris
Distribution: Solaris 11.4, Oracle Linux, Mint, Ubuntu/WSL
Posts: 9,782

Rep: Reputation: 481Reputation: 481Reputation: 481Reputation: 481Reputation: 481
Latest Solaris 10 and Solaris Express have telnet disabled by default.

Should you really want to keep telnet service open, there is a patch fixing the issue here: http://sunsolve.sun.com/pub-cgi/show...urity/tpatches

Edit: updated link
http://sunsolve.sun.com/search/docum...=1-26-102802-1

Last edited by jlliagre; 02-14-2007 at 01:33 AM.
 
Old 03-02-2007, 02:28 PM   #4
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
Hi guys. Just wanted to give anyone reading this thread a heads-up that at least one worm using this exploit is out in the wild.
Quote:
A computer worm is using a recently disclosed flaw in Sun Microsystems' operating system to propagate, experts have warned.

The worm attempts to log into systems running Solaris 10, execute a number of commands to plant itself and then spread to other vulnerable computers, Jose Nazario, a senior software engineer at Arbor Networks, wrote on his company's blog on Tuesday in the US. Arbor sells network analysis products.

Sun confirmed the threat on Wednesday in an updated alert on its Web site. "There is at least one worm in existence that is making use of this exploit to compromise system integrity," Sun warned.
Worm targets Solaris telnet bug
 
  


Reply

Tags
telnet, vulnerability


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Solaris 10 root GNOME & CDE errors??? dsschanze Solaris / OpenSolaris 1 05-30-2005 01:05 PM
WARN: Remote Root Exploit in SuSE 9.1 Live CD Capt_Caveman Linux - Security 0 05-10-2004 09:39 PM
Remote connection (telnet & SSH) woes marioman Linux - General 2 09-29-2003 10:23 AM
WuFTPD strikes again - remote root exploit jeremy Linux - Security 0 11-29-2001 08:59 AM
Remote administration via telnet & serial terminal susx Linux - Networking 0 09-02-2001 04:33 PM

LinuxQuestions.org > Forums > Other *NIX Forums > Solaris / OpenSolaris

All times are GMT -5. The time now is 01:55 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration