VULHUB ™

The telnet server shipped with Sun Microsystem's Solaris operating system is vulnerable to a buffer-overflow condition. Remote attackers may exploit this vulnerability to gain root access on target hosts. **RETRACTION NOTE: It has been determined that this report was sent out in error and that the listed patches likely correct BID 3064 ("Multiple Vendor Telnetd Buffer Overflow Vulnerability"). This alert was originally published after the discovery of functional exploit code that appeared to exploit telnetd. It has since been determined that the code, an exploit for BID 3681 ("Multiple Vendor System V Derived 'login' Buffer Overflow Vulnerability"), was leaked from Internet Security Systems. It has been removed from the SecurityFocus archives. This BID will be retired.

The telnet server shipped with Sun Microsystem's Solaris operating system is vulnerable to a buffer-overflow condition. Remote attackers may exploit this vulnerability to gain root access on target hosts. **RETRACTION NOTE: It has been determined that this report was sent out in error and that the listed patches likely correct BID 3064 ("Multiple Vendor Telnetd Buffer Overflow Vulnerability"). This alert was originally published after the discovery of functional exploit code that appeared to exploit telnetd. It has since been determined that the code, an exploit for BID 3681 ("Multiple Vendor System V Derived 'login' Buffer Overflow Vulnerability"), was leaked from Internet Security Systems. It has been removed from the SecurityFocus archives. This BID will be retired.