CVE-2007-0882
- Reference to the description:
- Description:
- Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to log into certain accounts, as demonstrated by the bin account.
- Last updated date:
- 02/14/2024
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 10/02/2020
- Reference url to background
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/solaris/telnet/fuser.rb
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 02/14/2024
- Reference url to background
http://erratasec.blogspot.com/2007/02/trivial-remote-solaris-0day-disable.html
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 02/14/2024
- Reference url to background