- Related Stories
-
Sun's Solaris 10 at risk of zero-day exploit
February 13, 2007 -
Zombies try to blend in with the crowd
October 19, 2006
The worm attempts to log into systems running Solaris 10, execute a number of commands to plant itself and then spread to other vulnerable computers, Jose Nazario, a senior software engineer at Arbor Networks, wrote on his company's blog Tuesday. Arbor sells network analysis products.
Sun confirmed the threat Wednesday in an updated alert on its Web site. "There is at least one worm in existence that is making use of this exploit to compromise system integrity," Sun warned.
The company has offered a worm-cleaning tool for affected customers.
The worm takes advantage of a security hole in the Solaris telnet service that was first disclosed earlier this month. The bug could enable attackers to gain unauthorized access to a system without requiring any action on the part of the user. Sun has released a fix for the flaw and urges users to install it.
The SANS Internet Storm Center, which monitors Internet threats, has noticed some increase in activity on the network port used by Solaris' telnet feature, according to an ISC blog posted Tuesday.
"One hopes that there aren't that many publicly reachable Solaris systems running telnet," ISC staffer Joel Esler wrote.
Telnet was one of the first methods devised to allow system administrators to remotely monitor their networks. The service will usually prompt people for their username and password. However, the Solaris bug could allow an attacker to add additional parameters and connect without a username or password.
Systems with telnet disabled are not vulnerable to this attack.
See more CNET content tagged:
Sun Solaris, computer worm, Sun Microsystems Inc., worm, flaw
this. Its an inherently insecure protocol which is easily replaced
(with additional functionality) with SSH. Since free, well supported,
and well tested SSH implementations exist for most every platform
there is really no reason to maintain telnet service unless some sort
of critical legacy application demands it.
- Luckily, Solaris share is too small.
- by alegr February 28, 2007 3:33 PM PST
- I Solaris were as much present these days as NT4 and Window2000 were when their infamous worm stroke, the impact would be as severe.
- Like this Reply to this comment
-
-
- no one in their right mind uses telnet
- by RompStar_420 February 28, 2007 3:39 PM PST
- No one uses Telnet, that's clear text.... and anyone listening on a network could easily pickup the ID and password.
- Like this
-
- no one in their right mind uses telnet
- by RompStar_420 February 28, 2007 3:39 PM PST
- No one uses Telnet, that's clear text.... and anyone listening on a network could easily pickup the ID and password.
- Like this View reply
Processing -
(5 Comments)