Bugtraq mailing list archives

Re: Solaris telnet vulnberability - how many on your network?

From: Gadi Evron <ge () linuxbox org>
Date: Tue, 13 Feb 2007 14:56:04 -0600 (CST)

On Tue, 13 Feb 2007 Casper.Dik () Sun COM wrote:

On Tue, 13 Feb 2007 Casper.Dik () Sun COM wrote:


Am I missing something?  This vulnerability is close to 10 years old.
It was in one of the first versions of Solaris after Sun moved off of
the SunOS BSD platform and over to SysV.  It has specifically to do w=
ith
how arguments are processed via getopt() if I recall correctly.


You're confused with AIX/Linux

Solaris did not have the -f option in login until much later.


Hi Casper. While we have you here, any idea on when Sun will be patching
this issue?


Now, follow the links from http://sunsolve.sun.com/tpatches

Casper


Many thanks Casper! Can you give some more information on exactly what is
patched. Any Sun released advisory?

Thanks again,

        Gadi.

Current thread:

Re[2]: Solaris telnet vulnberability - how many on your network?, (continued)
- - - Re[2]: Solaris telnet vulnberability - how many on your network? Thierry Zoller (Feb 14)
    - RE: Re[2]: Solaris telnet vulnberability - how many on your network? Roger A. Grimes (Feb 14)
    - RE: Re[2]: Solaris telnet vulnberability - how many on your network? Gadi Evron (Feb 15)
    - Re: Re[2]: Solaris telnet vulnberability - how many on your network? Darren Reed (Feb 15)
    - RE: Re[2]: Solaris telnet vulnberability - how many on your network? Evans, Thomas (Feb 15)
    - Reflections on Trusting Trust [was: Re: Solaris telnet ...] Gadi Evron (Feb 16)
    - Re: Solaris telnet vulnberability - how many on your network? georg . oppenberg (Feb 13)
  - Re: Solaris telnet vulnberability - how many on your network? Casper . Dik (Feb 13)
    - Re: Solaris telnet vulnberability - how many on your network? Gadi Evron (Feb 13)
    - Re: Solaris telnet vulnberability - how many on your network? Casper . Dik (Feb 13)
    - Re: Solaris telnet vulnberability - how many on your network? Gadi Evron (Feb 13)
    - Re: Solaris telnet vulnberability - how many on your network? Gadi Evron (Feb 13)
    - Re: Solaris telnet vulnberability - how many on your network? Casper . Dik (Feb 13)
    - Re: Solaris telnet vulnberability - how many on your network? Joe Shamblin (Feb 14)
    - Re: Solaris telnet vulnberability - how many on your network? Casper . Dik (Feb 14)
    - RE: [Full-disclosure] Solaris telnet vulnberability - how many onyour network? David Taylor (Feb 14)
    - Re: Solaris telnet vulnberability - how many on your network? Darren Reed (Feb 15)
- Re: Solaris telnet vulnberability - how many on your network? Leandro Gelasi (Feb 14)
- Re: Solaris telnet vulnberability - how many on your network? thefinn12345 (Feb 15)
- Re: Re: Solaris telnet vulnberability - how many on your network? thefinn12345 (Feb 15)
  - RE: Re: Solaris telnet vulnberability - how many on your network? Roger A. Grimes (Feb 15)

(Thread continues...)