|Check Point Reference:||CPAI-2007-029|
|Date Published:||13 Feb 2007|
|Last Updated:||15 May 2019|
|Protection Provided by:||
|Who is Vulnerable?|
|Vulnerability Description||A vulnerability has been reported in Sun Solaris telnet daemon. The vulnerability is due to an error in the Sun Solaris telnet daemon (in.telnetd) that fails to properly validate authentication information prior to passing it to the 'login' process. An attacker can exploit this flaw to bypass authentication of a valid accounts via an argument injection.|
This protection will enforce the transferring of proper Telnet requests.The detect mode makes it possible to track unauthorized access attempts without blocking them.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.
This protection's log will contain the following information:
Attack Name: Telnet Enforcement Violation.
Attack Information: Sun Solaris Telnet service unauthorized remote login