Input Validation Attack in UNIX

By amit08255, 8th Apr 2014

Today we are going to talk about bypassing remote authentication on Solaris systems.
This article will help you understand how hackers can enter your system remotely.

Our purpose is to explain what an input validation attack is and how it may allow attackers to gain access to Linux systems.
An input validation attack can occur under the following conditions:
1. A program fails to recognize syntactically incorrect input.
2. A module accepts extraneous input.
3. A module fails to handle missing input fields.
4. A field value correlation error occurs.

The Solaris authentication bypass vulnerability is the result of improper sanitization of input.
That is to say, the telnet daemon, in.telnetd, doesn't properly parse input before passing it to the login program, and the login program, in turn, makes improper assumptions about the data being passed to it.
As a result, by crafting a special telnet string, a hacker doesn't need to know the password of the user account he wants to authenticate as.
To gain remote access, the attacker only needs a valid username that is allowed to access the system via telnet.
The syntax for the Solaris exploit is:

telnet -l "-f<user>" <hostname>

For this attack to work, the telnet daemon must be running, the user must be allowed to authenticate remotely, and the vulnerability must not be patched.
Early releases of the Solaris 10 OS with telnet enabled can be hacked using this method.
Remember to update your system if you are using an early release of the Solaris 10 OS.
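
The input validation failure described above, shown as an added example that is not part of the original article and is not the Solaris source code: a daemon that hands a remotely supplied user name to another program must check it first. The function names, the 32-character limit, the allowed character set and the assumption that the called program stops option parsing at "--" (getopt style) are all assumptions made for this illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

#define MAX_LOGIN_NAME 32   /* assumed limit for this example */

/* Returns 1 if a remotely supplied name is safe to hand to another
 * program as an argument, 0 otherwise. */
int is_safe_login_name(const char *name)
{
    size_t len;

    if (name == NULL)
        return 0;
    len = strlen(name);
    if (len == 0 || len > MAX_LOGIN_NAME)
        return 0;                      /* missing or oversized field */
    if (name[0] == '-')
        return 0;                      /* would be parsed as an option */
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)name[i];
        if (!isalnum(c) && c != '_' && c != '.' && c != '-')
            return 0;                  /* extraneous characters */
    }
    return 1;
}

/* Weak pattern: the name goes into argv unchecked, so a value that
 * begins with '-' lands where the callee expects its own options. */
int build_argv_unchecked(const char *user, const char *argv[3])
{
    argv[0] = "login";
    argv[1] = user;
    argv[2] = NULL;
    return 0;
}

/* Hardened pattern: validate first, then add "--" so a getopt-style
 * callee stops option parsing before it reaches the name. */
int build_argv_checked(const char *user, const char *argv[4])
{
    if (!is_safe_login_name(user))
        return -1;
    argv[0] = "login";
    argv[1] = "--";
    argv[2] = user;
    argv[3] = NULL;
    return 0;
}
```

The checked builder refuses the connection's user name outright instead of trying to repair it, which is the safer choice for an authentication path.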