Please create an account to participate in the Slashdot moderation system


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Sun Microsystems

Submission + - Trivial Remote Exploit on Sun Solaris 10

Jeremy Kister writes: "Errata Security reports about a bug found in the telnet daemon of Solaris 10. From the article:

Basically if you pass a "-fusername" as an argument to the -l option you get full access to the OS as the user specified. In my example I do it as bin but it worked for regular users, just not for root. This combined with a reliable local privilege escalation exploit would be devastating. Expect mass scanning and possibly the widespread exploitation of this vulnerability.

Slashdot Top Deals

"An idealist is one who, on noticing that a rose smells better than a cabbage, concludes that it will also make better soup." - H.L. Mencken