Re: [BLACKLIST] [Full-disclosure] Solaris telnet vulnberability - how many on yournetwork?



Gadi,

[...]
One note: although it could just as well be a bug, who says it was not a
backdoor in the early 90's?
>
Also, I understand this does not work on older Solaris/SunOS systems
(anyone can verify?)

I can. It is not present in anything before Solaris 10.

which adds to my personal interest in the
possibility. I refuse to believe someone is that funny/sad.

Not sure what you mean here... You don't believe this is a (very
unfortunate) accident?

From where I stand (pretty close to the fire) this is pretty much
what it looks like (an extended multi-file, multi-entrance-point
change with unforseen and unnoticed interdependencies).

Joep