There is an incredibly simple root exploit for computers running the Solaris operating system with telnet enabled. While in general terms it is a bad idea to have telnet enabled, particularly on a forward-facing or internet-connected machine, this exploit is very simple and Solaris boxes are popular for forward-facing roles such as web servers. In general, we would not be concerned with Solaris exploits at Managed Solutions. However, this particular exploit has ramifications for all of us. Anything that has the potential to become a very successful internet worm has the potential to affect the general availability of services we rely on. It could also lead to a compromise of our personal information should one of the hosts through which we have made a credit card purchase become compromised. We will continue to monitor activity of this worm and update this article with any significant details.
As of 2/28/2007, there is a worm circulating for this previously reported simple exploit. We are actually surprised it took this long for something to hit the wild. Hopefully most organizations patched the vulnerability. Unfortunately, it seems that things like this are far too often dealt with in a reactive fashion.