TELNET: Sun Solaris Telnet Remote Authentication Bypass
This signature detects attempts to exploit a known vulnerability against Sun Solaris Telnet. Versions 10 and 11 are vulnerable. Attackers can bypass the authentication and gain immediate access to the system as any user, including root if remote root telnet is permitted.
Extended Description
Sun Solaris 10 is prone to a vulnerability that allows remote attackers to bypass authentication. Successfully exploiting this issue allows remote attackers to gain remote access to vulnerable computers. If the targeted computer is configured to allow non-console logins for superusers, then remote superuser access is possible. Update: By exploiting the same underlying flaw, attackers may pass other arguments to the 'login' program, potentially allowing them to bypass other security restrictions. Attackers may potentially bypass the console-only requirement for superuser logins.
Affected Products
Sun solaris
References
BugTraq: 22512
CVE: CVE-2007-0882
URL: http://www.us-cert.gov/cas/techalerts/TA07-059A.html http://www.kb.cert.org/vuls/id/881872
Short Name
TELNET:EXPLOIT:SOL-AUTH-BYPASS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
TELNET
Keywords
Authentication Bypass CVE-2007-0882 Remote Solaris Sun Telnet bid:22512
Release Date
02/12/2007
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3728
False Positive
Unknown
Vendors
Nortel_networks
Avaya
Sun
CVSS Score
10.0