Re: [Full-disclosure] Solaris telnet vulnerability - how many on your network?
- To: Darren Reed <avalon@xxxxxxxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] Solaris telnet vulnerability - how many on your network?
- From: Joe Beasley <securityadmin@xxxxxxxxxxxxxx>
- Date: Thu, 15 Feb 2007 13:55:19 -0600
Darren Reed wrote:
> In some mail from Joe Shamblin, sie said:
>
>> How about just uncommenting the following from /etc/default/login
>>
>> # If CONSOLE is set, root can only login on that device.
>> # Comment this line out to allow remote login by root.
>> #
>> CONSOLE=/dev/console
>>
>> Not a fix to be sure, but at least prevents a remote login.
>>
>
> This only controls access to the account known as root.
>
> I'll wager that there are other accounts you could use this
> to get access to (that you shouldn't be able to) which could
> lead to various sorts of security issues.
>
> Darren
>
You can log in with any account in /etc/passwd. I logged in as "bin" to
one of my boxes.
We don't allow root, so that did not work.
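An added example, not part of the original message or of any poster's code: a Python audit of the point made in this thread, that CONSOLE in /etc/default/login restricts only root while every other /etc/passwd account stays outside that control. The file contents are constructed samples, the function names are hypothetical, and following the thread's wording only the account named root is treated as covered.

```python
# Added example. Both file bodies below are constructed samples, not real host data.
SAMPLE_LOGIN_DEFAULTS = """\
# If CONSOLE is set, root can only login on that device.
# Comment this line out to allow remote login by root.
#
CONSOLE=/dev/console
"""
SAMPLE_PASSWD = """\
root:x:0:0:Super-User:/:/sbin/sh
daemon:x:1:1::/:
bin:x:2:2::/usr/bin:
adm:x:4:4:Admin:/var/adm:
jdoe:x:1001:10:Constructed user:/export/home/jdoe:/bin/ksh
"""


def console_setting(login_defaults):
    """Return the active CONSOLE value, or None if it is absent or commented out."""
    value = None
    for raw in login_defaults.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or comment: not an active setting
        key, sep, val = line.partition("=")
        if sep and key.strip() == "CONSOLE":
            value = val.strip()  # last active assignment wins (assumption)
    return value


def accounts_not_covered(passwd_text):
    """List /etc/passwd account names other than root (assumption: CONSOLE
    covers only the account named root, as the thread states)."""
    names = []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if line.startswith("#") or len(fields) != 7:
            continue  # skip comments and malformed entries
        if fields[0] != "root":
            names.append(fields[0])
    return names


def audit(login_defaults, passwd_text):
    """Combine both checks into one report for a host."""
    console = console_setting(login_defaults)
    return {"console": console, "root_restricted": console is not None,
            "not_covered": accounts_not_covered(passwd_text)}


if __name__ == "__main__":
    print(audit(SAMPLE_LOGIN_DEFAULTS, SAMPLE_PASSWD))
```

On a real host, pass the contents of /etc/default/login and /etc/passwd to `audit()`; a non-empty `not_covered` list is the set of accounts the CONSOLE setting does nothing for.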