[3285] in Release_7.7_team


IMPORTANT: Remote root vulnerability on Athena Solaris machines

daemon@ATHENA.MIT.EDU (Greg Hudson)
Fri May 24 16:26:24 2002

Date: Fri, 24 May 2002 16:26:18 -0400
Message-Id: <200205242026.QAA05608@error-messages.mit.edu>
From: Greg Hudson <ghudson@MIT.EDU>
To: release-announce@MIT.EDU

A remote root vulnerability was recently discovered in the
implementation of some versions of the talk daemon, which is a
standard service on Athena workstations.  Athena Solaris machines are
affected by this vulnerability.

If you have a Solaris 9.0 Athena machine, you should take the
just-released 9.0.26 patch release, or disable the vendor talkd by
running (as root):

  chmod 000 /usr/sbin/in.talkd

If you have a Solaris 9.1 Athena machine (because you are a beta
tester), you should take the 9.1.6 patch release or disable the vendor
talkd using the above chmod command.

If you have a Solaris 8.4 Athena machine, you should disable the
vendor talkd using the chmod command above, and should also disable
the Athena talkd by commenting out the "ntalk" line in
/etc/athena/inetd.conf and sending a HUP to the /etc/athena/inetd
process (or rebooting).

Athena IRIX machines were affected by this vulnerability, but it has
been corrected without the need for local action for 9.0 and 9.1 (only
/usr/athena/etc/talkd was affected, and it comes from AFS, where we
have fixed it).  If you have an Athena IRIX 8.4 machine, you should
disable the Athena talkd by commenting out the ntalk line as described
above.

Athena Red Hat Linux machines are not affected by this vulnerability,
to the best of our knowledge.

If you have any questions or comments, please send them to
release-team@mit.edu.
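
The following is an added example, not part of the announcement above: a POSIX sh sketch that checks and applies the two workarounds the message describes for the 8.4 case (chmod 000 on the vendor talkd, and commenting out the ntalk line). The function names are hypothetical, and both paths are passed as arguments so the script can be tried on copies of the files first.

```shell
#!/bin/sh
# Added example: check and apply the advisory's two workarounds.
# Function names are hypothetical; paths are arguments, not hard-coded.

# True (0) if FILE still has an uncommented "ntalk" service entry.
ntalk_active() {
    grep -q '^[[:space:]]*ntalk[[:space:]]' "$1"
}

# Comment out active ntalk entries in FILE, keeping its inode and mode.
# Idempotent: lines already starting with '#' do not match.
disable_ntalk() {
    conf=$1
    tmp="$conf.tmp.$$"
    sed 's/^\([[:space:]]*ntalk[[:space:]]\)/#\1/' "$conf" > "$tmp" \
        && cat "$tmp" > "$conf"
    rc=$?
    rm -f "$tmp"
    [ "$rc" -eq 0 ] && ! ntalk_active "$conf"
}

# True (0) if BIN is absent or has no permission bits left (chmod 000).
talkd_disabled() {
    [ -e "$1" ] || return 0
    [ "$(ls -ld "$1" | cut -c2-10)" = "---------" ]
}

# Report outstanding items; returns 0 only when both workarounds hold.
audit_talkd() {
    bin=$1 conf=$2 todo=0
    talkd_disabled "$bin" || { echo "TODO: chmod 000 $bin"; todo=1; }
    if [ -f "$conf" ] && ntalk_active "$conf"; then
        echo "TODO: comment out ntalk in $conf, then HUP inetd"; todo=1
    fi
    return "$todo"
}

# Usage: sh thisfile /usr/sbin/in.talkd /etc/athena/inetd.conf
if [ $# -eq 2 ]; then
    audit_talkd "$1" "$2"
fi
```

Editing the file alone does not stop a listener that inetd already has open; the HUP (or reboot) from the message is still required afterwards.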
