http://isc.sans.org/diary.html?storyid=2316
http://blogs.sun.com/security/entry/solaris_in_telnetd_worm_seen
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102802-1

http://asert.arbornetworks.com/2007/02/solaris-telnet-scanning-possible-worm/

QUOTE: The worm attempts to log into your systems as the users “lp” or “adm” and execute a bunch of shell commands (some of which are visible in the IDA screen shot below) to set up shop and keep on truckin’. Very old school, reminds me of the old ADM worms I saw back in the late 90’s that got me interested in self-propagating malware in the first place.