���J���F2007.03.01 11:55�@�ŏI�X�V���F2007.03.01 11:55

TRTA07-059A
Sun Solaris Telnet Worm

�T�v


Sun Solaris telnet daemon (in.telnetd) �̐Ǝ㐫���g�p���� Worm �̊������񍐂���Ă��܂��BVU#881872 �̏C���p�b�`��K�p���Ă��Ȃ��V�X�e���́A���� Worm �ɐN�������”\��������܂��B

VU#881872 �� 2007/02/12 �� Sun Solaris telnet authentication bypass vulnerability �Ƃ��ĕ񍐂���Ă��܂��B�ڂ����́A�Q�l���� US-CERT Vulnerability Note VU#881872 �����m�F�������B

�e�����󂯂�V�X�e��
�@- Sun Solaris 10 (SunOS 5.10)
�@- Sun "Nevada" (SunOS 5.11)
�@�@SPARC �A�[�L�e�N�`���� Intel (x86) �A�[�L�e�N�`�����e���������܂��B
�@�@�ڂ����̓x���_�̒񋟂�������m�F�������B

������Ƃ��ẮASun Alert Notification 102802 �Ō��J����Ă���p�b�`��K�p���邱�Ƃ𐄏����܂��B�܂��A�����Ƃ��ẮAtelnet �T�[�r�X�𖳌��ɂ���A�K�؂ȃA�N�Z�X�������s���ASSH �T�[�r�X���g�p����悤�ɂ���Ȃǂ�����܂��B

2007/03/01 ���_�ɂ����� Sun ���� Worm �쏜�X�N���v�g (inoculate.local) ���񋟂���Ă��܂��B�쏜�ł��� Worm �̎�ނɊւ��ẮASun �񋟂̏������m�F�������B

���n��C�x���g


���� (JST)���e
2007-03-01 14:51 JPCERT/CC JPCERT-AT-2007-0007: Sun Solaris in.telnetd �̐Ǝ㐫���g�p���郏�[���Ɋւ��钍�ӊ��N
2007-03-01 09:26 US-CERT TA07-059A: Sun Solaris Telnet Worm
US-CERT ���[�����O���X�g�o�R�� Technical Cyber Security Alert ��M
2007-03-01 06:00 US-CERT Worm Actively Exploits Vulnerability in Sun Solaris Telnet Daemon
2007-02-28 Sun Microsystems Solaris in.telnetd worm seen in the wild + inoculation script
2007-02-27 SANS Internet Storm Center Solaris worm?
2007-02-14 17:16 �C���^�[�l�b�g�Z�L�����e�B�V�X�e���Y Solaris �ł� Telnet ���O�C���ɂ��F�؉��
2007-02-13 02:14 US-CERT Authentication Bypass Vulnerability in Sun Solaris Telnet Daemon
2007-02-12 18:58 US-CERT VU#881872: Sun Solaris telnet authentication bypass vulnerability
2007-02-12 SANS Internet Storm Center Another good reason to stop using telnet
2007-02-12 Sun Microsystems Sun Alert 102802: Security Vulnerability in the in.telnetd(1M) Daemon May Allow Unauthorized Remote Users to Gain Access to a Solaris Host
2007-02-11 Bugtraq Sun Solaris Telnet Remote Authentication Bypass Vulnerability
�Ǝ㐫(CVE-2007-0882) ���؃R�[�h�Ɋւ����

�Q�l���


  1. Technical Cyber Security Alert TA07-059A
    Sun Solaris Telnet Worm
  2. Vendor Status Note JVNTA07-059A
    Sun Solaris Telnet Worm