Re: Solaris telnet vulnberability - how many on your network?

To: Oliver Friedrichs <oliver_friedrichs@xxxxxxxxxxxx>
Subject: Re: Solaris telnet vulnberability - how many on your network?
From: Casper.Dik@xxxxxxx
Date: Tue, 13 Feb 2007 19:11:55 +0100
Cc: Gadi Evron <ge@xxxxxxxxxxxx>, bugtraq@xxxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx
In-reply-to: <78206369ABE25F4BAFC3FBC8858B09D0023E5B99@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <Pine.LNX.4.21.0702112359400.26645-100000@xxxxxxxxxxxx> <78206369ABE25F4BAFC3FBC8858B09D0023E5B99@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Sender: casper@xxxxxxxxxxxxxxx

>
>Am I missing something?  This vulnerability is close to 10 years old.
>It was in one of the first versions of Solaris after Sun moved off of
>the SunOS BSD platform and over to SysV.  It has specifically to do w=
>ith
>how arguments are processed via getopt() if I recall correctly.

You're confused with AIX/Linux

Solaris did not have the -f option in login until much later.

Casper

Follow-Ups:
- Re: Solaris telnet vulnberability - how many on your network?
  - From: Gadi Evron

References:
- Solaris telnet vulnberability - how many on your network?
  - From: Gadi Evron
- RE: Solaris telnet vulnberability - how many on your network?
  - From: Oliver Friedrichs

Prev by Date: Re: DotClear Full Path Disclosure Vulnerability
Next by Date: Re: DotClear Full Path Disclosure Vulnerability
Previous by thread: Re: Solaris telnet vulnberability - how many on your network?
Next by thread: Re: Solaris telnet vulnberability - how many on your network?
Index(es):
- Date
- Thread