Patch/Configuration Management, Vulnerability Management

Zero-day vulnerability found in Sun Microsystems Solaris 10 and 11

The SANS Institute's Internet Storm Center advised network administrators this week to disable all telnet functions due to a zero-day vulnerability in Sun Microsystems Solaris versions 10 and 11.

The flaw – which could allow a malicious user access to a Solaris host – does not exist in Solaris versions 9 and earlier, according to Internet Storm Center researcher Donald Smith.

"It has been verified," Smith said Monday on the organization’s weblog. "In my opinion, nobody should be running telnet open to the internet."

The flaw is caused by an error in in.telnetd when invoking the "login" program, according to an advisory released by Secunia today. Secunia ranked the vulnerability as "moderately critical."

Smith added that SANS has recommended administrators use a remote shell access method other than telnet for 13 years. He said users who must run telnet should deploy firewalls to protect their networks.

In an advisory released Monday and modified earlier today, Sun said a final resolution for the issue is pending.

Click here to email Online Editor Frank Washkuch Jr.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.