Ga?l Delalleau has reported two vulnerabilities in the telnet client included with Sun Solaris, which can be exploited by malicious people to compromise a vulnerable system.
OPERATING SYSTEM:
Sun Solaris 7
Sun Solaris 8
Sun Solaris 9
Sun Solaris 10
SOLUTION:
The vendor recommends removing the execute permissions from the
Solaris telnet utility.
A final resolution is reportedly pending completion.
PROVIDED AND/OR DISCOVERED BY:
Ga?l Delalleau
ORIGINAL ADVISORY:
Sun Microsystems:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1
iDEFENSE:
http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities
http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities
VERIFY ADVISORY:
http://secunia.com/advisories/14754/
Secunia Security Advisories
http://community.securityteam.us/article.php/20050330230300313