Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    November 2014
    S M T W T F S
    « Oct    
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    30  
  • About Us

    Mar1
    9:54 am (UTC-7)   |    by

    Last night we received reports of a worm exploiting Solaris machines. The worm attempts to log into Solaris 10 systems by taking advantage of a security hole in its Telnet service, this bug was disclosed earlier this month in the famous security list Full-Disclosure.


    According to US-CERT, the Telnet Daemon in Sun Solaris may accept authentication information through the USER environment variable.


    The Problem lies in the daemon not being able to properly sanitize information before passing it to the login program, this login program can makes false interpretation of this information.
    Because of this, a remote attacker may be able to bypass the login authentication and telnet. The sad thing with this exploit is that it is not need any exploit knowledge to be used for mass attacks.
    We have already submitted the sample for detection and we will update you as soon as possible.

    Update 03/01/2007 12:10 PM: The malware will be detected as WORM_WANUK.A.





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon




    Comments are closed.



     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice