> The issue was introduced during the development of Solaris 10 and not via
> OpenSolaris. It's present in all Solaris 10 releases (although thanks to
> Secure by Default in Solaris 10 11/06, the port in question is disabled by
> default in the current version).
actually you could not become roo
The issue was introduced during the development of Solaris 10 and not via
OpenSolaris. It's present in all Solaris 10 releases (although thanks to
Secure by Default in Solaris 10 11/06, the port in question is disabled by
default in the current version).
A reminder that official patches are n
I guess another thing to think about is when did the telnetd change, since
Solaris 9 and below do not have this problem. And I read somewhere that Solaris
10 (First release) did not have it.
Did the OpenSolaris community add this bug or was it from Sun and why was it
changed?
Only a thought;-)
[..]
>
> As a semi-related aside, I wonder how many people who enabled
> remote root logins are now bricking themselves (to use the UK
> vernacular) because of this exploit? :-)
>
>
I can't actually see this as an "exploit", perhaps a software bug...
anyway, better off using OpenSSH (or SunSSH)
On Mon, 12 Feb 2007, sundaram ramasamy wrote:
> I am also looking for patch for this. need to install few servers.
I think the best fix for this is to not run telnetd in the first
place. SSH is pretty much ubiquitous these days, and I really
don't see why people are still using ye olde telnet.
There is no patch yet, AFAIK.
Use - svcadm disable telnet
to disable telnet and you can't be exploited by the issue.
Then, just use ssh to access your servers.
Brett Albertson
This message posted from opensolaris.org
___
opensolaris-discuss mailing
I am also looking for patch for this. need to install few servers.
This message posted from opensolaris.org
___
opensolaris-discuss mailing list
opensolaris-discuss@opensolaris.org
