from the frantically-trying-to-fix dept.
philos writes "According to SANS ISC, there's a vulnerability in Solaris 10 and 11 telnet that allows anyone to remotely connect as any account, including root, without authentication. Remote access can be gained with nothing more than a telnet client. More information and a Snort signature can be found at riosec.com. Worse, this is almost identical to a bug in AIX and Linux rlogin from way back in 1994."
I've never been canoeing before, but I imagine there must be just a few
simple heuristics you have to remember...
Yes, don't fall out, and don't hit rocks.