Peter Baer Galvin's Blog

Sun

Solaris 10 + zero-day attack

SANS has reported a verifiable zero-day exploit for Solaris 10 and beyond (Nevada et al.). There is a vulnerability in telnetd that can allow attackers to log in without a proper account and password.

Note that in recent releases of Solaris Nevada, which are “Secure by default”, telnetd is disabled during installation. Earlier releases have telnet enabled, and it should be disabled in almost all circumstances. The command to disable it is:

# svcadm disable telnet
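
To confirm the change took effect, or to check many hosts, the SMF state can be read back with svcs. The script below is an added example, not part of the original post; it assumes the telnet instance is svc:/network/telnet:default, and the sample svcs output is constructed so the script also runs on a host without SMF.

```shell
#!/bin/sh
# Added example: audit the SMF state of the telnet service on Solaris 10.
# Assumption: the telnet instance FMRI is svc:/network/telnet:default.
TELNET_FMRI="svc:/network/telnet:default"

# Constructed sample of `svcs -H -o state,fmri` output (not from a real host).
SAMPLE_SVCS='online         svc:/network/ssh:default
online         svc:/network/telnet:default
disabled       svc:/network/ftp:default'

# Read svcs output on stdin and print the state of the telnet instance,
# or "absent" when no telnet instance is listed.
telnet_state() {
    awk -v fmri="$TELNET_FMRI" '
        $2 == fmri { print $1; found = 1; exit }
        END { if (!found) print "absent" }
    '
}

# Return 0 when telnet cannot accept logins, 1 when it needs attention.
# Any state other than disabled/absent (online, offline, degraded,
# maintenance, ...) means the service is still enabled.
telnet_is_safe() {
    state=$(telnet_state)
    case "$state" in
        disabled|absent) return 0 ;;
        *) echo "telnet is '$state'; run: svcadm disable telnet" >&2
           return 1 ;;
    esac
}

# rc is 0 when telnet is disabled or absent, 1 otherwise.
rc=0
if command -v svcs >/dev/null 2>&1; then
    # Live check on a host that has SMF.
    svcs -H -o state,fmri "$TELNET_FMRI" 2>/dev/null | telnet_is_safe || rc=1
else
    # No SMF here: exercise the logic on the constructed sample instead.
    printf '%s\n' "$SAMPLE_SVCS" | telnet_is_safe || rc=1
fi
```

A cron or remote-execution wrapper can end with `exit $rc` to flag hosts where telnet is still enabled.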

Here is the Information Week article describing the problem and linking to SANS.

My Course Handout for the Solaris 10 Administration Workshop Course

Pardon the large .pdf file; here are the course materials that I hand out to the students of my Solaris 10 Administration Workshop course. This year I’m teaching this course for both USENIX and the SANS 2007 conference. This particular handout is from the Dec 2006 USENIX LISA conference. Feedback welcome.

My Course Handout for the Solaris 10 Security Workshop Course

Also, here are the course materials that I hand out to the students of my Solaris 10 Security Workshop course. I’m teaching this course for both USENIX and the SANS 2007 conference. This particular handout is from the Dec 2006 USENIX LISA conference. Feedback welcome.