Sun Alert 102867 Security Vulnerability in the SEAM Kerberized telnetd(1M) Daemon May Allow Unauthorized Remote Users to Gain Access to a Solaris Host

Product: Sun Enterprise Authentication Mechanism 1.0

A security vulnerability in the SEAM Kerberized telnetd(1M) daemon may allow a local or remote unprivileged user who is able to connect to a host using the telnet(1) service to gain unauthorized access to that host by connecting as any user on the system, allowing them to execute arbitrary commands with the privileges of that user. This includes the root user (uid 0).

This issue is described in the following documents:

Avoidance: Patch, Workaround
State: Resolved
First released: 03-Apr-2007
Comments:

Post a Comment:
  • HTML Syntax: NOT allowed
About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
2
3
4
5
6
7
8
9
10
11
12
13
14
16
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today