That exploit dates back to 1999. The 'HoneyNet' project left that server open on purpose, with a 3 year old known exploit unpatched on purpose, "to catch a thief". That's what they do. The MS people are just feeding you the update about the HoneyPot and claiming it's a new exploit.
Whether it's a new or old exploit is irrelevant to me. The fact of the matter is that it is
currently being exploited. If Harr wants to laugh it off as an old bug, fine. It exists today. Now. Here's the text from the new advisory:
"January 14, 2002 - Since CA-2001-31 was originally released last November, the CERT/CC has received reports of scanning for dtspcd (6112/tcp). Just recently, however, we have received credible reports of an exploit for Solaris systems. Using network traces provided by The Honeynet Project, we have confirmed that the dtspcd vulnerability identified in CA-2001-31 and discussed in VU#172583 is actively being exploited".
I don't know what's worse: The hackers trying to exploit the Solaris hole or those on this thread who are trying to laugh it away. It's a bug. Sun should fix it. And we should all move on. Let's not deny the obvious.
he 'HoneyNet' project left that server open on purpose, with a 3 year old known exploit unpatched on purpose, "to catch a thief". So what part of this didn't you understand? If the exploit is three years old and is known, and a fix has been supplied, yet someone is leaving it open for their own purposes; what exactly is your problem?
According to Suns web site:
________________________________________________________________________________
Sun Microsystems, Inc. Security Bulletin
Bulletin Number: #00192
Date: December 29, 1999
Cross-Ref: CERT CA-99-11
Title: CDE and OpenWindows
Revision History:
March 28, 2000: Updated patch information
March 3, 2000: Updated patch information
January 25, 2000: Updated patch information
December 29, 1999: Initial release