Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Solaris telnet vulnberability - how many on your network?

From: Joe Beasley <securityadmin () joebeasley org>
Date: Thu, 15 Feb 2007 13:55:19 -0600
Darren Reed wrote:

In some mail from Joe Shamblin, sie said:
  

How about just uncommenting the following from /etc/default/login

# If CONSOLE is set, root can only login on that device.
# Comment this line out to allow remote login by root.
#
CONSOLE=/dev/console

Not a fix to be sure, but at least prevents a remote login.
    


This only controls access to the account known as root.

I'll wager that there are other accounts you could use this
to get access to (that you shouldn't be able to) which could
lead to various sorts of security issues.

Darren
  

You can login with any account in /etc/passwd.  I logged in as "bin" to 
one of my boxes.
We don't allow root, so that did not work.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: