USNCVA - Now Read This

NOW READ THIS
("Security Advisory")

Go Back

Submitted by: Bill Hickey
NCVA List Master

NRT-0051 Zero-Day SOLARIS Threat:

Security researchers reported a major flaw in SOLARIS 10's telnet application can be easily exploited. Exploit code has already been publicly posted. According to both the SANS Institute's Internet Storm Center (ISC) and Symantec's DeepSight threat network, the Sun Microsystems Inc. operating system allows a root user to log into any account without a password through the telnet daemon. If the telnet daemon is running as root, it allows un-authenticated remote logins. Symantec warns SOLARIS 10 users to immediately disable telnet. The daemon can be disabled with the command:
"svcadm disable telnet".

(ComputerWorld 12FEB07)

Last Modified: Sunday, 18-Feb-2007 08:35:56 EST

NOW READ THIS ("Security Advisory")

NRT-0051 Zero-Day SOLARIS Threat:

NOW READ THIS
("Security Advisory")