A computer worm is using a recently disclosed flaw in Sun Microsystems' operating system to propagate, experts have warned.
The worm attempts to log into systems running Solaris 10, execute a number of commands to plant itself and then spread to other vulnerable computers, Jose Nazario, a senior software engineer at Arbor Networks, wrote on his company's blog Tuesday. Arbor sells network analysis products.
Sun confirmed the threat Wednesday in an updated alert on its Web site. "There is at least one worm in existence that is making use of this exploit to compromise system integrity," Sun warned.
The worm takes advantage of a security hole in the Solaris telnet service that was first disclosed earlier this month. The bug could enable attackers to gain unauthorized access to a system without requiring any action on the part of the user. Sun has released a fix for the flaw and urges users to install it.
The SANS Internet Storm Center, which monitors Internet threats, has noticed some increase in activity on the network port used by Solaris' telnet feature, according to an ISC blog posted Tuesday.
"One hopes that there aren't that many publicly reachable Solaris systems running telnet," ISC staffer Joel Esler wrote.
Telnet was one of the first methods devised to allow system administrators to remotely monitor their networks. The service will usually prompt people for their username and password. However, the Solaris bug could allow an attacker to add additional parameters and connect without a username or password.
Systems with telnet disabled are not vulnerable to this attack.
If anyone is still using telnet then they should expect issues like this. Its an inherently insecure protocol which is easily replaced (with additional functionality) with SSH. Since free, well supported, and well tested SSH implementations exist for most every platform there is really no reason to maintain telnet service unless some sort of critical legacy application demands it.
The Samsung Galaxy Mini 2 S6500 could make its debut at the Mobile World Congress in Barcelona later this month, according to a leaked promotional image.
The space agency powers down its last System Z machine, years after IBM stopped selling them for the mathematical calculation jobs for which NASA originally bought them.
this. Its an inherently insecure protocol which is easily replaced
(with additional functionality) with SSH. Since free, well supported,
and well tested SSH implementations exist for most every platform
there is really no reason to maintain telnet service unless some sort
of critical legacy application demands it.