[rescue] Solaris 10 Remote-Root Exploit

Magnus magnus at yonderway.com
Wed Feb 14 10:33:54 CST 2007

Peter Corlett wrote:

> A mooli.org.uk user is using a machine which has not had ssh ported to it,
> and the port would not be trivial since it's not terribly POSIX. For that
> reason alone, telnet and FTP are open to the world. Closing those ports cuts
> him off, and also one of my sources of crufty old hardware to play with :)
> But this possibly counts as an "absolute requirement".

Still, could he not firewall it off so that telnet is not open outside 
of the local subnet, and then he can telnet to it from another machine 
on the local subnet that he has ssh'd to from outside?

The way ssh config files work, he can appear to ssh directly into the 
host with a single ssh command instead of having to manually go through 
multiple hops.

More information about the rescue mailing list