RE: [Full-disclosure] Solaris telnet vulnberability - how many onyour network?

To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: RE: [Full-disclosure] Solaris telnet vulnberability - how many onyour network?
From: "Peter Ferrie" <pferrie@xxxxxxxxxxxx>
Date: Tue, 13 Feb 2007 13:29:34 -0800
Cc: "Oliver Friedrichs" <oliver_friedrichs@xxxxxxxxxxxx>, <bugtraq@xxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <Pine.LNX.4.21.0702131403350.10319-100000@xxxxxxxxxxxx>
Thread-index: AcdPtXZKf/PC1i+UQRGNbkaeKh6C7AAAEpyA
Thread-topic: [Full-disclosure] Solaris telnet vulnberability - how many onyour network?

> I have to agree with a previous poster and suspect (only 
> suspect) it could somehow be a backdoor rather than a bug.

Reminds me of the WMF SetAbortProc() "backdoor" accusation.
:-) It was just bad design.

Prev by Date: Re: Solaris telnet vulnberability - how many on your network?
Next by Date: MS Interactive Training .cbo Overflow
Previous by thread: [ GLSA 200702-03 ] Snort: Denial of Service
Next by thread: MS Interactive Training .cbo Overflow
Index(es):
- Date
- Thread