Check Point Advisories

Sun Solaris Telnet Service Unauthorized Remote Login (CVE-2007-0882)

Check Point Reference: CPAI-2007-029
Date Published: 13 Feb 2007
Severity: Critical
Last Updated: Wednesday 15 May, 2019
Source:
Industry Reference:CVE-2007-0882
Protection Provided by:

Security Gateway
R81, R80, R77, R75, R71, R70, R65
Who is Vulnerable?
Vulnerability Description A vulnerability has been reported in Sun Solaris telnet daemon. The vulnerability is due to an error in the Sun Solaris telnet daemon (in.telnetd) that fails to properly validate authentication information prior to passing it to the 'login' process. An attacker can exploit this flaw to bypass authentication of a valid accounts via an argument injection.

Protection Overview

This protection will enforce the transferring of proper Telnet requests.The detect mode makes it possible to track unauthorized access attempts without blocking them.

In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.

Security Gateway R80 / R77 / R75 / R71 / R70 / R65

  1. In the IPS tab, click Protections and find the Sun Solaris Telnet Service Unauthorized Remote Login protection using the Search tool and Edit the protection's settings.
  2. Install policy on all Security Gateways.

This protection's log will contain the following information:

Attack Name:  Telnet Enforcement Violation.
Attack Information:  Sun Solaris Telnet service unauthorized remote login

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK