Wednesday February 28, 2007

It looks like a worm that takes advantage of the in.telnetd vulnerability we described in Sun Alert 102802 a little while back is now propagating on at least some networks.
The security team has posted some further details on our blog describing how to determine if a machine is infected, along with a script that removes the footprint (as far as we are aware of it). It also disables telnet in the process, which is something that should probably be done on all Solaris 10 or Nevada hosts right now anyway (even without this new development), at least until the machine can be patched as described in the resolution section of Sun Alert 102802.
(Feb 28 2007, 02:15:57 PM GMT)