Re: Solaris telnet vulnberability - how many on your network?

To: Casper.Dik@xxxxxxx
Subject: Re: Solaris telnet vulnberability - how many on your network?
From: Gadi Evron <ge@xxxxxxxxxxxx>
Date: Tue, 13 Feb 2007 14:49:24 -0600 (CST)
Cc: Oliver Friedrichs <oliver_friedrichs@xxxxxxxxxxxx>, bugtraq@xxxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx
In-reply-to: <200702131811.l1DIBtAl021471@xxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

On Tue, 13 Feb 2007 Casper.Dik@xxxxxxx wrote:
> 
> >
> >Am I missing something?  This vulnerability is close to 10 years old.
> >It was in one of the first versions of Solaris after Sun moved off of
> >the SunOS BSD platform and over to SysV.  It has specifically to do w=
> >ith
> >how arguments are processed via getopt() if I recall correctly.
> 
> You're confused with AIX/Linux
> 
> Solaris did not have the -f option in login until much later.

Hi Casper. While we have you here, any idea on when Sun will be patching
this issue?

Many thanks,

        Gadi.

Follow-Ups:
- Re: Solaris telnet vulnberability - how many on your network?
  - From: Casper . Dik

References:
- Re: Solaris telnet vulnberability - how many on your network?
  - From: Casper . Dik

Prev by Date: iDefense Security Advisory 02.13.07: Microsoft 'wininet.dll' FTP Reply Null Termination Heap Corruption Vulnerability
Next by Date: Re: Solaris telnet vulnberability - how many on your network?
Previous by thread: Re: Solaris telnet vulnberability - how many on your network?
Next by thread: Re: Solaris telnet vulnberability - how many on your network?
Index(es):
- Date
- Thread