← Back to CVEs
CVE-2007-0882
N/ADescription
Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to log into certain accounts, as demonstrated by the bin account.
CVE Details
CVSS v3.1 ScoreN/A
Published2/12/2007
Last Modified4/23/2026
Sourcenvd
Honeypot Sightings0
Affected Products
oracle:solarissun:sunos
Weaknesses (CWE)
CWE-88
References
http://isc.sans.org/diary.html?storyid=2220(cve@mitre.org)
http://osvdb.org/31881(cve@mitre.org)
http://seclists.org/fulldisclosure/2007/Feb/0217.html(cve@mitre.org)
http://secunia.com/advisories/24120(cve@mitre.org)
http://www.kb.cert.org/vuls/id/881872(cve@mitre.org)
http://www.securityfocus.com/archive/1/459831/100/0/threaded(cve@mitre.org)
http://www.securityfocus.com/archive/1/459843/100/0/threaded(cve@mitre.org)
http://www.securityfocus.com/archive/1/459855/100/0/threaded(cve@mitre.org)
http://www.securityfocus.com/archive/1/459980/100/0/threaded(cve@mitre.org)
http://www.securityfocus.com/bid/22512(cve@mitre.org)
http://www.securitytracker.com/id?1017625(cve@mitre.org)
http://www.us-cert.gov/cas/techalerts/TA07-059A.html(cve@mitre.org)
http://www.vupen.com/english/advisories/2007/0560(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/32434(cve@mitre.org)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2202(cve@mitre.org)
http://erratasec.blogspot.com/2007/02/trivial-remote-solaris-0day-disable.html(af854a3a-2127-422b-91ae-364da2661108)
http://isc.sans.org/diary.html?storyid=2220(af854a3a-2127-422b-91ae-364da2661108)
http://osvdb.org/31881(af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2007/Feb/0217.html(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24120(af854a3a-2127-422b-91ae-364da2661108)
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102802-1(af854a3a-2127-422b-91ae-364da2661108)
http://www.kb.cert.org/vuls/id/881872(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/459831/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/459843/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/459855/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/459980/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/460086/100/100/threaded(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/460103/100/100/threaded(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/22512(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1017625(af854a3a-2127-422b-91ae-364da2661108)
http://www.us-cert.gov/cas/techalerts/TA07-059A.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2007/0560(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/32434(af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2202(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.