SANS Warns Of 'Major Zero-Day' Bug In Solaris - InformationWeek
IoT
IoT
Software // Enterprise Applications
News
2/12/2007
10:21 AM
50%
50%
RELATED EVENTS
[Dark Reading Crash Course] Finding & Fixing Application Security Vulnerabilitie
Sep 14, 2017
Hear from a top applications security expert as he discusses key practices for scanning and securi ...Read More>>

SANS Warns Of 'Major Zero-Day' Bug In Solaris

SANS analysts are warning IT managers to stop using Telnet altogether because of a problem in the way Solaris 10 and 11 are set up to use Telnet.

The SANS Institute is warning of a zero-day bug in Sun's Solaris 10 and 11 Telnet that allows hackers to easily gain remote access to the computes running the operating systems.

The vulnerability -- called a "major zero-day bug" -- has been verified, according to a release on the SANS' Internet Storm Center Web site. The problem lies in the way Telnet, which is a network protocol, uses parameters during the authentication process, says Johannes Ullrich, chief research officer at the SANS Institute and chief technology officer for the Storm Center, a cooperative cyberthreat monitoring and alert system.

Ullrich says that by simply adding what he calls a "trick" or simple text to the telnet command, the system will skip asking for a user name and password. No exploit needs to be downloaded. Every Solaris 10 and 11 system is at risk. If the systems are installed out of the box, they automatically come Telnet enabled.

Storm Center analysts are recommending that Telnet be disabled on the Solaris systems.

While Ullrich calls Telnet out of date and problematic, he says this specific zero-day bug is caused by the way Solaris is designed. "The funny or sad thing is that in 1994, AIX had a similar problem and they fixed it," he adds, saying Sun should have learned a lesson from IBM's mistake.

"I have not heard of it being used yet," he adds. "But I imagine it's going on because it's such a simple procedure."

Ullrich and other researchers at the Internet Storm Center are warning users to not use Telnet anymore -- on any system. "It's archaic at this point," says Ullrich. "Never use Telnet to log in to a system. Use SSH instead. There's just no reason to use Telnet. I don't know why they keep it enabled. They really shouldn't."

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
[Interop ITX 2017] State Of DevOps Report
[Interop ITX 2017] State Of DevOps Report
The DevOps movement brings application development and infrastructure operations together to increase efficiency and deploy applications more quickly. But embracing DevOps means making significant cultural, organizational, and technological changes. This research report will examine how and why IT organizations are adopting DevOps methodologies, the effects on their staff and processes, and the tools they are utilizing for the best results.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll