
Solaris 10 + zero-day attack

February 12th, 2007

SANS has reported a verifiable zero-day exploit for Solaris 10 and beyond (Nevada et al.). A vulnerability in telnetd can allow attackers to log in without a proper account and password.

 

Note that in recent releases of Solaris Nevada, which are “Secure by default”, telnetd is disabled during installation. Earlier releases have telnet enabled, and it should be disabled in almost all circumstances. The command to disable it is:

# svcadm disable telnet
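To confirm the disable took effect across several hosts, the service state can be checked from `svcs` output. The following is an added example, not part of the original post; it assumes the default instance FMRI `svc:/network/telnet:default`, and the sample lines are constructed.

```shell
#!/bin/sh
# Added example: decide from `svcs -H -o state,fmri` output whether telnetd
# is still reachable. The FMRI below is an assumption (default instance name).
TELNET_FMRI='svc:/network/telnet:default'

# Constructed sample output, before and after `svcadm disable telnet`.
SAMPLE_BEFORE='online svc:/network/ssh:default
online svc:/network/telnet:default'
SAMPLE_AFTER='online svc:/network/ssh:default
disabled svc:/network/telnet:default'

# telnet_state: read "STATE FMRI" lines on stdin and print the telnet
# instance's state, or "absent" when the service is not listed at all.
telnet_state() {
    awk -v fmri="$TELNET_FMRI" '
        $2 == fmri { state = $1 }
        END { print (state == "" ? "absent" : state) }
    '
}

# telnet_exposed: return 0 (true) unless the state is exactly "disabled"
# or the service is absent. States in transition (trailing "*"),
# "maintenance" and "offline" are treated as exposed, so a half-applied
# change is flagged for a second look rather than passed.
telnet_exposed() {
    case "$(telnet_state)" in
        disabled|absent) return 1 ;;
        *) return 0 ;;
    esac
}

# On a live Solaris 10 host (run as root):
#   if svcs -H -o state,fmri | telnet_exposed; then
#       svcadm disable telnet
#   fi
```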

 

Here is the Information Week article describing the problem and linking to SANS.
