
CVE-2007-0882

Date: (C)2007-02-12   (M)2024-02-22


Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to log into certain accounts, as demonstrated by the bin account.

CVSS Score and Metrics

CVSS V2 Severity:
CVSS Score : 10.0
Exploit Score: 10.0
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1017625
SUNALERT-102802
http://seclists.org/fulldisclosure/2007/Feb/0217.html
http://www.securityfocus.com/archive/1/459855/100/0/threaded
http://www.securityfocus.com/archive/1/459831/100/0/threaded
http://www.securityfocus.com/archive/1/459843/100/0/threaded
http://www.securityfocus.com/archive/1/459980/100/0/threaded
http://www.securityfocus.com/archive/1/460103/100/100/threaded
http://www.securityfocus.com/archive/1/460086/100/100/threaded
BID-22512
SECUNIA-24120
OSVDB-31881
ADV-2007-0560
TA07-059A
VU#881872
http://erratasec.blogspot.com/2007/02/trivial-remote-solaris-0day-disable.html
http://isc.sans.org/diary.html?storyid=2220
oval:org.mitre.oval:def:2202
solaris-telnet-authentication-bypass(32434)

CWE
CWE-88

© SecPod Technologies