
Don't Ask, Don't Telnet

New zero-day telnet bug in Solaris reveals low-profile vulnerability in the OS

3:20 PM -- The breathless warnings of a major zero-day bug in Solaris immediately caught my eye and my attention early this morning -- until I saw the word "telnet."

Does anybody actually use telnet anymore?

Telnet, in case you may have forgotten (or are still trying to), is a protocol that lets you remotely log onto a machine. Secure Shell (SSH) basically replaced telnet several years ago because of the inherent risks of telnetting into a machine -- namely, the fact that telnet comes with no encryption, no authentication, and lots of known vulnerabilities. It's a no-brainer for a hacker to eavesdrop on the line and grab packets in a telnet session.

So does anybody really care about this telnet zero-day bug in Solaris?

Turns out telnet is on by default in Solaris 10 and 11 and you may not even know it. Solaris 10 and 11 users should care, and act fast.

"So the question is how many people [are using] telnet and [do] not realize it," says David Maynor, CTO of Errata Security. "Just because you have SSH enabled doesn't mean telnet is disabled."

Most security experts have long recommended against using telnet. There's really no good reason to, nor is it safe. SANS analysts today reiterated their recommendation to cut out telnet in their diary entry about the new bug: "In my opinion, NOBODY should be running telnet open to the internet," writes Bojan Zdrnja of the SANS Internet Storm Center.

Telnet still draws breath in places like legacy SCADA systems, Errata Security's Maynor notes. "Places like SCADA systems that have to meet very rigorous requirements may have to have it enabled for legacy reasons."

But not many other organizations today have a legitimate excuse for telnetting. Here's how easy this zero-day bug is to exploit: SANS wouldn't even include information on the exploit in its daily Internet Storm Center blog diary today because exploiting the bug doesn't require any "special tools," the team notes.

So telnot.

— Kelly Jackson Higgins, Senior Editor, Dark Reading

  • Errata Security
  • The SANS Institute
  • Sun Microsystems Inc. (Nasdaq: SUNW)