Telnet is a command prompt-controlled network protocol that can be used on intranets and the internet. It was one of the early internet standards but has fallen into disuse owing to its limited security.
The flaw allows any user who accesses the Telnet service of an affected system to gain unauthorised access and execute commands with the same privileges as local users.
If a system is configured to allow root access through Telnet, the attacker will receive the same root privileges.
Users can protect themselves against the vulnerability by disabling all Telnet traffic within Solaris or by blocking port 23 on their firewalls.
If Telnet access is required, users can also change the software's settings to prevent attackers from gaining root access.
Sun engineer Alan Hargreaves, who investigated the bug for the vendor, wrote on his blog: "Let me acknowledge that, yes, this was an almighty cock up and should not have happened. It did happen. Let's move on."
He added that a patch is under development and will be released shortly.