Unrated severityNVD Advisory· Published Feb 12, 2007· Updated Apr 23, 2026
CVE-2007-0882
CVE-2007-0882
Description
Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to log into certain accounts, as demonstrated by the bin account.
Affected products
4cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:5.10:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:sun:sunos:5.10:*:*:*:*:*:*:*
- cpe:2.3:o:sun:sunos:5.11:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
19- erratasec.blogspot.com/2007/02/trivial-remote-solaris-0day-disable.htmlnvdExploitThird Party Advisory
- isc.sans.org/diary.htmlnvdExploitThird Party Advisory
- seclists.org/fulldisclosure/2007/Feb/0217.htmlnvdMailing ListThird Party Advisory
- secunia.com/advisories/24120nvdBroken LinkVendor Advisory
- www.kb.cert.org/vuls/id/881872nvdThird Party AdvisoryUS Government Resource
- www.securityfocus.com/archive/1/459831/100/0/threadednvdBroken LinkThird Party AdvisoryVDB Entry
- www.securityfocus.com/archive/1/459843/100/0/threadednvdBroken LinkThird Party AdvisoryVDB Entry
- www.securityfocus.com/archive/1/459855/100/0/threadednvdBroken LinkThird Party AdvisoryVDB Entry
- www.securityfocus.com/archive/1/459980/100/0/threadednvdBroken LinkThird Party AdvisoryVDB Entry
- www.securityfocus.com/archive/1/460086/100/100/threadednvdBroken LinkThird Party AdvisoryVDB Entry
- www.securityfocus.com/archive/1/460103/100/100/threadednvdBroken LinkThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/22512nvdBroken LinkThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- www.us-cert.gov/cas/techalerts/TA07-059A.htmlnvdBroken LinkThird Party AdvisoryUS Government Resource
- www.vupen.com/english/advisories/2007/0560nvdBroken LinkVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/32434nvdThird Party AdvisoryVDB Entry
- osvdb.org/31881nvdBroken Link
- sunsolve.sun.com/search/document.donvdBroken Link
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2202nvdBroken Link
News mentions
0No linked articles in our index yet.