Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-disclosure] Solaris telnet vulnberability - how many on your n

from [Rodrigo Barbosa] Network Security [Permanent Link]
Subject: Re: [Full-disclosure] Solaris telnet vulnberability - how many on your network?
Date: Wed, 14 Feb 2007 18:09:09 -0200 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, Feb 12, 2007 at 12:00:30AM -0600, Gadi Evron wrote:

Johannes Ullrich from the SANS ISC sent this to me and then I saw it on
the DSHIELD list:

----
    If you run Solaris, please check if you got telnet enabled NOW. If you
    can, block port 23 at your perimeter. There is a fairly trivial
    Solaris telnet 0-day.

    telnet -l "-froot" [hostname]

    will give you root on many Solaris systems with default installs
    We are still testing. Please use our contact form at
    https://isc.sans.org/contact.html
    if you have any details about the use of this exploit.
----


- -l -froot ? Wow. We used to have bad bug on AIX, back in 1995 or so.
It was long fixed. If I recall correctly, it was also present on SunOS,
or maybe Solaris 1 or 2, but I'm not sure of anything but AIX.

[]s

- -- 
Rodrigo Barbosa
"Quid quid Latine dictum sit, altum viditur"
"Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFF02xlpdyWzQ5b5ckRAvn4AJ4/iugzlRRWBOuX+L28SYcizu/40QCgsxG9
V6Zi1d13THRoJ9Sl4lugfq8=
=rB7s
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: DotClear Full Path Disclosure Vulnerability, Cedric Blancher
Next by Date:  Re[2]: Solaris telnet vulnberability - how many on your network?, Thierry Zoller
Previous by Thread:  Re: [Full-disclosure] Solaris telnet vulnberability - how many on your network?, Darren Reed
Next by Thread:  Re: Solaris telnet vulnberability - how many on your network?, Leandro Gelasi
Indexes:  [Date] [Thread] [Top] [All Lists]