Solaris 10 wins pwnie, remote exploit took 13 years to patch.

, posted: 4-Aug-2007 09:41

Check out Solaris's Pwnie award for a remote expoit bug first reported in 1994.
Pwnie for Best Server-Side Bug Awarded to the person who discovered the most technically sophisticated or interesting server side bug. This includes any software that is accessible remotely. Solaris in.telnetd remote root exploit (CVE-2007-0882) Discovered by: Kingcope This mindblowingly simple vulnerability does not require any special hacking tools or shellcode. It can be exploited with nothing more than a standard telnet client and leads to instant root on Solaris 10 and 11. The best part is that the exact same vulnerability was reported to Bugtraq back in 1994. For more details see the original advisory and detailed analysis of the bug.

Other related posts:

Add a comment

Please note: comments that are inappropriate or promotional in nature will be deleted. E-mail addresses are not displayed, but you must enter a valid e-mail address to confirm your comments.

Are you a registered Geekzone user? Login to have the fields below automatically filled in for you and to enable links in comments. If you have (or qualify to have) a Geekzone Blog then your comment will be automatically confirmed and shown in this blog post.

Your name:

Your e-mail:

Your webpage:

taniwha's profile

Wally (Brenda) 
Te Whanganui O Tara
New Zealand