|
CERT advisories regarding security holes in SunOS
NOTICE: TO ALL CONCERNED Certain text files and messages contained on this site deal with activities and devices which would be in violation of various Federal, State, and local laws if actually carried out or constructed. The webmasters of this site do not advocate the breaking of any law. Our text files and message bases are for informational purposes only. We recommend that you contact your local law enforcement officials before undertaking any project based upon any information obtained from this or any other web site. We do not guarantee that any of the information contained on this system is correct, workable, or factual. We are not responsible for, nor do we assume any liability for, damages resulting from the use of any information on this site.
=============================================================================
CA-94:04 CERT Advisory
March 17, 1994
SunOS /usr/ucb/rdist Vulnerability
=============================================================================
The CERT Coordination Center has received information concerning a
vulnerability in /usr/ucb/rdist in Sun Microsystems, Inc. SunOS 4.1.1,
4.1.2, 4.1.3, and 4.1.3c on all sun3 and sun4 architectures. SunOS 4.1.3_U1,
Solaris 2.x, and Solbourne's 4.1B and 4.1C are not vulnerable.
This is a Sun specific Advisory. Please reference CERT Advisory CA-91:20
"/usr/ucb/rdist Vulnerability" for general information regarding other
vendors. A vendor status file pub/cert_advisories/rdist-patch-status is
available via anonymous FTP from info.cert.org.
This vulnerability is being actively exploited; please review CERT Advisory
CA-94:01 "Ongoing Network Monitoring Attacks."
Patches can be obtained from local Sun Answer Centers worldwide as well as
through anonymous FTP from ftp.uu.net in the /systems/sun/sun-dist directory.
In Europe, these patches are available from ftp.eu.net in the
/sun/fixes directory.
Information concerning specific patches is outlined below. Please note
that Sun sometimes updates patch files. If you find that the checksum
is different, please contact Sun.
-----------------------------------------------------------------------------
I. Description
A security vulnerability exists in /usr/ucb/rdist that
can be used to gain unauthorized privileges. Under some
circumstances /usr/ucb/rdist can be used to create setuid
root programs.
II. Impact
This vulnerability allows a local user to gain root access.
III. Solution
A. If rdist is not being used, change the permissions on the file.
# chmod 700 /usr/ucb/rdist
B. Obtain and install the appropriate patches according to the
instructions included with the patches.
Module Patch ID Filename
---------- --------- ---------------
rdist 100383-06 100383-06.tar.Z
BSD Checksum = 58984 121
System V Checksum = 9125 241
MD5 Checksum = f8f78ddab19af5efabb9bd66fc8f5c1a
---------------------------------------------------------------------------
If you believe that your system has been compromised, contact the CERT
Coordination Center or your representative in Forum of Incident
Response and Security Teams (FIRST).
Internet E-mail: [email protected]
Telephone: 412-268-7090 (24-hour hotline)
CERT personnel answer 8:30 a.m.-5:00 p.m. EST(GMT-5)/EDT(GMT-4),
and are on call for emergencies during other hours.
CERT Coordination Center
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA 15213-3890
Past advisories, information about FIRST representatives, and other
information related to computer security are available for anonymous
FTP from info.cert.org.
|
|