Check Point Advisories

Sun Solaris Telnet Service Unauthorized Remote Login (CVE-2007-0882)

Check Point Reference: CPAI-2007-029
Date Published: 13 Feb 2007
Severity: Critical
Last Updated: 15 May 2019
Source:
Industry Reference:CVE-2007-0882
Protection Provided by:

Security Gateway
R80, R77, R75, R71, R70, R65

Who is Vulnerable?
Vulnerability Description A vulnerability has been reported in Sun Solaris telnet daemon. The vulnerability is due to an error in the Sun Solaris telnet daemon (in.telnetd) that fails to properly validate authentication information prior to passing it to the 'login' process. An attacker can exploit this flaw to bypass authentication of a valid accounts via an argument injection.

Protection Overview

This protection will enforce the transferring of proper Telnet requests.The detect mode makes it possible to track unauthorized access attempts without blocking them.

In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.

Security Gateway R65 / R70 / R71 / R75 / R77 / R80

  1. In the IPS tab, click Protections and find the Sun Solaris Telnet Service Unauthorized Remote Login protection using the Search tool and Edit the protection's settings.
  2. Install policy on all Security Gateways.

This protection's log will contain the following information:

Attack Name:  Telnet Enforcement Violation.
Attack Information:  Sun Solaris Telnet service unauthorized remote login

This website uses cookies to ensure you get the best experience. Got it, Thanks! MORE INFO