Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to log into certain accounts, as demonstrated by the bin account.
oryginał ENAV:N/AC:L/Au:N/C:C/I:C/A:COracle Solaris
OSOracle1011Sun Sunos
OSSun5.105.11
Powiązane podatności
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). Su...
Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a paramet...
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Remote Administration Daemon). The...
RCE w IBM WebSphere Application Server przez niebezpieczną deserializację
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 thr...