Signature Detail
Short Name |
TELNET:EXPLOIT:SOL-AUTH-BYPASS |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
TELNET |
Keywords |
Sun Solaris Telnet Remote Authentication Bypass |
Release Date |
2007/02/12 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
TELNET: Sun Solaris Telnet Remote Authentication Bypass
This signature detects attempts to exploit a known vulnerability against Sun Solaris Telnet. Versions 10 and 11 are vulnerable. Attackers can bypass the authentication and gain immediate access to the system as any user, including root if remote root telnet is permitted.
Extended Description
Sun Solaris 10 is prone to a vulnerability that allows remote attackers to bypass authentication. Successfully exploiting this issue allows remote attackers to gain remote access to vulnerable computers. If the targeted computer is configured to allow non-console logins for superusers, then remote superuser access is possible. Update: By exploiting the same underlying flaw, attackers may pass other arguments to the 'login' program, potentially allowing them to bypass other security restrictions. Attackers may potentially bypass the console-only requirement for superuser logins.
Affected Products
- Avaya Interactive Response 2.0
- Nortel Networks Media Processing Svr 1000 Rel 3.0
- Nortel Networks Media Processing Svr 500 Rel 3.0
- Nortel Networks Self-Service - CCSS7
- Nortel Networks Self-Service - Peri Application Rel 3.0
- Sun Solaris 10 Sparc
- Sun Solaris 10 X86
References
- BugTraq: 22512
- CVE: CVE-2007-0882
- URL: http://www.us-cert.gov/cas/techalerts/TA07-059A.html
- URL: http://www.kb.cert.org/vuls/id/881872