>Affected Systems: Solaris 2.6, 2.7, 8 SPARC Platform Theis appears to be an exploit exploiting the combination of the bugs: 4516876 in.telnetd should not accept TTYPROMPT from remote 4516885 *login* security problem Patches that fix the login problem: 105665-04: SunOS 5.6: /usr/bin/login patch 105666-04: SunOS 5.6_x86: /usr/bin/login patch 106160-02: SunOS 5.5.1: /usr/bin/login patch 106161-02: SunOS 5.5.1_x86: /usr/bin/login patch 108729-01: SunOS 5.5: /usr/bin/login patch 108730-01: SunOS 5.5_x86: /usr/bin/login patch 111085-02: SunOS 5.8: /usr/bin/login patch 111086-02: SunOS 5.8_x86:: /usr/bin/login patch 112300-01: SunOS 5.7: usr/bin/login Patch 112301-01: SunOS 5.7_x86: usr/bin/login Patch Patches that fix the telnetd problem (and other telnetd problems): 106049-04: SunOS 5.6: /usr/sbin/in.telnetd patch 106050-04: SunOS 5.6_x86: /usr/sbin/in.telnetd patch 107475-04: SunOS 5.7: /usr/sbin/in.telnetd Patch 107476-04: SunOS 5.7_x86: /usr/sbin/in.telnetd Patch 110668-03: SunOS 5.8: /usr/sbin/in.telnetd patch 110669-03: SunOS 5.8_x86: /usr/sbin/in.telnetd patch Casper
