[rescue] Solaris 10 Remote-Root Exploit
lionel4287 at verizon.net
Wed Feb 14 10:30:26 CST 2007
>From: Patrick Giagnocavo <patrick at zill.net>
>Date: 2007/02/14 Wed AM 10:08:31 CST
>To: The Rescue List <rescue at sunhelp.org>
>Subject: Re: [rescue] Solaris 10 Remote-Root Exploit
>On Feb 14, 2007, at 9:57 AM, Magnus wrote:
>> Jonathan C. Patschke wrote:
>>> If you have any public-facing systems running Solaris's telnetd, you
>>> should disable it now.
>> Some would argue it never should have been enabled in the first place.
>I can't understand the level of noise this "exploit" is generating.
>IMHO only an idiot would leave telnet on unless there was an absolute
Well, I think it is based on the idea that it is a chance for linux weenies
to dump on a commercial Unix vendor. Most sysadmins I've heard from say
something to the effect of "well, DUH - telnet is insecure, and the
resolution is trivial (turn off telnet)" If you need telnet, I think there is
a fix already available - end of story.
I was interested in it because I had some time and it looked like an
interesting problem (I don't have any public-facing Solaris servers, but I
plan to later this week)...
More information about the rescue