There is a major zero day bug announced in solaris 10 and 11 with the telnet and login combination. It has been verified. In my opinion NOBODY be should running telnet open to the internet.
http://isc.sans.org/diary.html?storyid=2220
Exploit - http://www.milw0rm.com/exploits/3293
We killed the floppy, why can't we kill rshell services....
No comments:
Post a Comment