Slashdot Mirror

← Back to Stories (view on slashdot.org)

Worm Exploiting Solaris Telnetd Vulnerability

Posted by Zonk on from the beware-of-rotten-fruit dept.

MichaelSmith writes "Several news sites are reporting that a worm is starting to exploit the Solaris Telnet 0-day vulnerability. By adding simple text to the Telnet command, the system will skip asking for a username and password. If the systems are installed out of the box, they automatically come Telnet-enabled. 'The SANS Internet Storm Center, which monitors Internet threats, has noticed some increase in activity on the network port used by Solaris' telnet feature, according to an ISC blog posted on Tuesday. "One hopes that there aren't that many publicly reachable Solaris systems running telnet," ISC staffer Joel Esler wrote.'"

8 of 164 comments (clear)

  1. Sun don't shine by Anonymous Coward · · Score: 0, Funny

    I hate when I have worms where the Sun don't shine.

  2. Oh no by wumpus188 · · Score: 4, Funny

    These 4 users running telnet on solaris are gonna be pissed...

  3. Re:It's been a long day... by Cheapy · · Score: 3, Funny

    Sysadmins have been search this entire time to find a Solaris box to fix.

    They are still searching.

    --
    Would you kindly mod me +1 insightful?
  4. telwhat? by glwtta · · Score: 2, Funny

    Tell who?

    What year is it?

    --
    sic transit gloria mundi
  5. Re:Other Telnet vulnerabilities by geoffspear · · Score: 3, Funny

    I've yet to come across a printer that was running Solaris, but I'll certainly keep that in mind if I ever do.

    --
    Don't blame me; I'm never given mod points.
  6. Re:Yep. by Venik · · Score: 3, Funny

    I think the real question is: should Solaris telnetd have such an immense security hole?

  7. Re:*Cough* Microsoft *Cough* by fm6 · · Score: 2, Funny

    Since when was Microsoft known for usability?

  8. Re:Yep. by DieNadel · · Score: 2, Funny

    No, they do not!

    Stop repeating that!

    They don't use telnet, and that plaintext you see when sniffing their network is your natural ability to crack encryption.

    How many times do I have to tell you that you're special?!

    Now, back to the task I've given you. The NSA won't be lending me your brain again if you spend all my alloted time on /.

    --
    Utinam logica falsa tuam philosophiam totam suffodiant!