WatchGuard Wire
Improve Your Security IQ
Any telnet server running Solaris is a total pushover
Nobody should use telnet anymore. I mean, come on. SSH, telnet's much smarter
and more secure cousin, has been around for ages. It's easy to use and widely
available on many platforms. It lets you do everything telnet does, with the
added benefit of hiding your sessions from prying eyes. I just
don't see any reason you'd want to use telnet still. Nonetheless, if any
Solaris 10 or 11 administrators out there still use telnet, here's another
reason to jump ship.
According to a post on
a popular exploit code site, the telnet server (telnetd) that ships with Sun
Solaris 10 and 11 suffers from a very serious vulnerability that allows remote
attackers to gain full control of Solaris servers. Worse, the vulnerability
is trivial to exploit. If you allow outside users to access your Solaris telnet
server, an unauthenticated remote hacker merely has to send it a specially
crafted string and blammo -- he's got root.
This really is a horrible flaw for those it affects. However, I'm guessing "those
it affects" are few. Of all the operating systems out there,
Solaris isn't the most popular. I don't expect that many people reading this
blog use it much. Furthermore, Wire readers are security conscious and
probably know the dangers of telnet. I'd like to think you don't use telnet
outside your own network... if at all.
If you do run a Solaris 10 or 11 server and use telnet, I recommend you stop.
Solaris hasn't had time to patch this zero-day flaw, so your only remediation
option is to disable telnet or restrict it to trusted IPs. I vote for disable.
If you're really worried about this vulnerability, and run a Snort-compatible
IDS system, you can also grab this Bleeding
Edge Snort signature for it, written by Chris Boyd.
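One way to check whether telnet is enabled on a Solaris host and get the command to disable it, as an added example that is not part of the original article. It assumes telnetd runs under the standard SMF service name `svc:/network/telnet:default` and uses the `svcs` and `svcadm` commands; the function names and the sample output are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: audit the SMF state of the Solaris telnet service.
# Assumption: telnetd is managed under the stock SMF service name below.
TELNET_FMRI="svc:/network/telnet:default"

# telnet_exposed: read `svcs -H -o state,fmri` lines on stdin and succeed
# if the telnet instance is in a state in which it accepts connections.
telnet_exposed() {
    while read -r state fmri rest; do
        state=${state%\*}            # svcs appends "*" while in transition
        [ "$fmri" = "$TELNET_FMRI" ] || continue
        case $state in
            online|degraded) return 0 ;;
        esac
    done
    return 1
}

# audit_report: print a one-line verdict for the svcs output passed in $1.
audit_report() {
    if printf '%s\n' "$1" | telnet_exposed; then
        echo "EXPOSED: telnet is enabled; run: svcadm disable $TELNET_FMRI"
    else
        echo "OK: telnet is not enabled"
    fi
}

# Constructed sample output, so the script also runs off a Solaris host.
SAMPLE_SVCS='online         svc:/network/ssh:default
online*        svc:/network/telnet:default'

if command -v svcs >/dev/null 2>&1; then
    # Live check on a host that has SMF.
    audit_report "$(svcs -H -o state,fmri "$TELNET_FMRI" 2>/dev/null)"
else
    audit_report "$SAMPLE_SVCS"
fi
```

After running `svcadm disable`, rerun the script to confirm the service reports `disabled`.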
To sum up, if you follow basic security practices, this flaw's not much of
a threat. If you use telnet recklessly, your Solaris server and your network
are pushovers.
-- Corey Nachreiner, CISSP
Copyright© 2010 WatchGuard® Technologies, Inc. You may copy and distribute this article freely in any medium as long as you copy and distribute the entire article without change and preserve this copyright statement and notice.