Full Disclosure mailing list archives
Re: Solaris telnet vulnberability - how many onyour network?
From: "David Taylor" <ltr () isc upenn edu>
Date: Wed, 14 Feb 2007 09:25:52 -0500
A patch has been released. http://sunsolve.sun.com/search/document.do?assetkey=1-26-102802-1 ================================================== David Taylor //Sr. Information Security Specialist University of Pennsylvania Information Security Philadelphia PA USA (215) 898-1236 http://www.upenn.edu/computing/security/ ================================================== -----Original Message----- From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Joe Shamblin Sent: Tuesday, February 13, 2007 7:17 PM To: Casper.Dik () Sun COM Cc: Oliver Friedrichs; bugtraq () securityfocus com; full-disclosure () lists grok org uk; Gadi Evron Subject: Re: [Full-disclosure] Solaris telnet vulnberability - how many onyour network? Casper.Dik () Sun COM wrote:
On Tue, 13 Feb 2007 Casper.Dik () Sun COM wrote:On Tue, 13 Feb 2007 Casper.Dik () Sun COM wrote:Am I missing something? This vulnerability is close to 10 years old. It was in one of the first versions of Solaris after Sun moved off of the SunOS BSD platform and over to SysV. It has specifically to do
w=
ith how arguments are processed via getopt() if I recall correctly.You're confused with AIX/Linux Solaris did not have the -f option in login until much later.Hi Casper. While we have you here, any idea on when Sun will be
patching
this issue?Now, follow the links from http://sunsolve.sun.com/tpatches CasperMany thanks Casper! Can you give some more information on exactly what is patched. Any Sun released advisory?The simplest possible fix on such short notice:
http://cvs.opensolaris.org/source/diff/onnv/onnv-gate/usr/src/cmd/cmd-inet/u sr.sbin/in.telnetd.c?r2=3629&r1=2923
Casper
How about just uncommenting the following from /etc/default/login # If CONSOLE is set, root can only login on that device. # Comment this line out to allow remote login by root. # CONSOLE=/dev/console Not a fix to be sure, but at least prevents a remote login. Joe -- Joe Shamblin wjs () cs duke edu Senior Systems Administrator Department of Computer Science (919) 660-6582 Duke University _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Solaris telnet vulnberability - how many on your network?, (continued)
- Re: Solaris telnet vulnberability - how many on your network? Adrian Sanabria (Feb 14)
- Re: Solaris telnet vulnberability - how many on your network? Casper . Dik (Feb 13)
- Re: Solaris telnet vulnberability - how many on your network? Gadi Evron (Feb 13)
- Re: Solaris telnet vulnberability - how many on your network? Casper . Dik (Feb 13)
- Re: Solaris telnet vulnberability - how many on your network? Gadi Evron (Feb 13)
- Re: Solaris telnet vulnberability - how many on your network? Gadi Evron (Feb 13)
- Re: Solaris telnet vulnberability - how many on your network? Casper . Dik (Feb 13)
- Re: Solaris telnet vulnberability - how many on your network? Ham Beast (Feb 13)
- Re: Solaris telnet vulnberability - how many on your network? Joe Shamblin (Feb 14)
- Re: Solaris telnet vulnberability - how many on your network? Casper . Dik (Feb 14)
- Re: Solaris telnet vulnberability - how many onyour network? David Taylor (Feb 14)
- Re: Solaris telnet vulnberability - how many on your network? Darren Reed (Feb 15)
- Re: Solaris telnet vulnberability - how many on your network? Joe Beasley (Feb 16)