[rescue] Solaris 10 Remote-Root Exploit
Eric Railine
erailine at gmail.com
Mon Feb 12 20:47:59 CST 2007
> On 2/12/07, Jonathan C. Patschke <jp at celestrion.net> wrote:
> > If you have any public-facing systems running Solaris's telnetd, you
> > should disable it now. Even turning off remote root logins is
> > insufficient, since this seems to bypass PAM.
For those who might not have seen it yet, there's an interesting blog
post on this exploit from Alan Hargreaves:
"Before I get into the meat of this posting, let me acknowledge that,
yes, this was an almighty cock up and should not have happened. It did
happen. Let's move on."
http://blogs.sun.com/tpenta/entry/the_in_telnetd_vulnerability_exploit
-Eric
More information about the rescue
mailing list