[geeks] Solaris 10 Remote-Root Exploit
Francois Dion
francois.dion at gmail.com
Mon Feb 12 14:51:04 CST 2007
It doesn't work on Solaris 8 or 9, works on some solaris 10 where
secure by default is not selected. Couldn't reproduce on Nevada as it
is secure by default and gives no choice.
To make a Solaris "secure by default" is simply a matter of running:
# netservices limited
Note that this will only allow local smtp and rpc, and only ssh
remotely, so be careful if you are on a production box, everything
else is tight. All my solaris installs have been SBD (secure by
default) since Sun introduced this. Before that it was SBFD (secure by
F.Dion :P )
Francois
More information about the geeks
mailing list