[rescue] Solaris 10 Remote-Root Exploit

Lionel Peterson lionel4287 at verizon.net
Wed Feb 14 10:30:26 CST 2007

>From: Patrick Giagnocavo <patrick at zill.net>
>Date: 2007/02/14 Wed AM 10:08:31 CST
>To: The Rescue List <rescue at sunhelp.org>
>Subject: Re: [rescue] Solaris 10 Remote-Root Exploit

>On Feb 14, 2007, at 9:57 AM, Magnus wrote:
>> Jonathan C. Patschke wrote:
>>> If you have any public-facing systems running Solaris's telnetd, you
>>> should disable it now.
>> Some would argue it never should have been enabled in the first place.
>I can't understand the level of noise this "exploit" is generating.
>IMHO only an idiot would leave telnet on unless there was an absolute 

Well, I think it is based on the idea that it is a chance for linux weenies 
to dump on a commercial Unix vendor. Most sysadmins I've heard from say 
something to the effect of "well, DUH - telnet is insecure, and the 
resolution is trivial (turn off telnet)" If you need telnet, I think there is 
a fix already available - end of story.

I was interested in it because I had some time and it looked like an 
interesting problem (I don't have any public-facing Solaris servers, but I 
plan to later this week)...


More information about the rescue mailing list