[rescue] Solaris 10 Remote-Root Exploit
erailine at gmail.com
Mon Feb 12 20:47:59 CST 2007
> On 2/12/07, Jonathan C. Patschke <jp at celestrion.net> wrote:
> > If you have any public-facing systems running Solaris's telnetd, you
> > should disable it now. Even turning off remote root logins is
> > insufficient, since this seems to bypass PAM.
For those who might not have seen it yet, there's an interesting blog
post on this exploit from Alan Hargreaves:
"Before I get into the meat of this posting, let me acknowledge that,
yes, this was an almighty cock up and should not have happened. It did
happen. Let's move on."
More information about the rescue