Description: kcope has reported a vulnerability in Solaris, which can be exploited by malicious people to bypass certain security restrictions and gain access to a vulnerable system.
The vulnerability is caused due to an error in in.telnetd when invoking the "login" program. This can be exploited to bypass authentication by providing a valid account as login name preceded by the "-f" option specifier.
The vulnerability is reported in Solaris (SunOS 5.10 and 5.11). Other versions may also be affected.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.