[8606] in bugtraq
Re: Sun Security Bulletin #00179
daemon@ATHENA.MIT.EDU (Jonathan A. Zdziarski)
Fri Nov 20 12:32:46 1998
Date: Thu, 19 Nov 1998 10:11:48 -0500
Reply-To: "Jonathan A. Zdziarski" <jonz@NETRAIL.NET>
From: "Jonathan A. Zdziarski" <jonz@NETRAIL.NET>
X-To: Aleph One <aleph1@DFW.NET>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.SUN.4.01.9811181301290.2797-100000@dfw.nationwide.net>
Although Solaris 7 was not listed, since this is a recent bulletin I'm
curious if anyone has some code I could run on my Solaris 7 Machine to
see if it is vulnerable.
On Wed, 18 Nov 1998, Aleph One wrote:
> ---------- Forwarded message ----------
> Date: Wed, 18 Nov 1998 10:28:17 -0800
> From: Sun Security Coordination Team <secure@sunsc.Eng.Sun.COM>
> To: CWS@security.Eng.Sun.COM
> Subject: Sun Security Bulletin #00179
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> ________________________________________________________________________________
> Sun Microsystems, Inc. Security Bulletin
>
> Bulletin Number: #00179
> Date: November 18, 1998
> Cross-Ref:
> Title: rdist
> ________________________________________________________________________________
>
> The information contained in this Security Bulletin is provided "AS IS."
> Sun makes no warranties of any kind whatsoever with respect to the information
> contained in this Security Bulletin. ALL EXPRESS OR IMPLIED CONDITIONS,
> REPRESENTATIONS AND WARRANTIES, INCLUDING ANY WARRANTY OF NON-INFRINGEMENT OR
> IMPLIED WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, ARE
> HEREBY DISCLAIMED AND EXCLUDED TO THE EXTENT ALLOWED BY APPLICABLE LAW.
>
> IN NO EVENT WILL SUN MICROSYSTEMS, INC. BE LIABLE FOR ANY LOST REVENUE,
> PROFIT OR DATA, OR FOR DIRECT, SPECIAL, INDIRECT, CONSEQUENTIAL, INCIDENTAL
> OR PUNITIVE DAMAGES HOWEVER CAUSED AND REGARDLESS OF ANY THEORY OF LIABILITY
> ARISING OUT OF THE USE OF OR INABILITY TO USE THE INFORMATION CONTAINED IN
> THIS SECURITY BULLETIN, EVEN IF SUN MICROSYSTEMS, INC. HAS BEEN ADVISED OF
> THE POSSIBILITY OF SUCH DAMAGES.
>
> If any of the above provisions are held to be in violation of applicable law,
> void, or unenforceable in any jurisdiction, then such provisions are waived
> to the extent necessary for this disclaimer to be otherwise enforceable in
> such jurisdiction.
> ________________________________________________________________________________
>
> 1. Background
>
> The rdist program is a setuid root utility that distributes files
> from one host to another. Several buffer overflow vulnerabilities
> have been discovered which could be exploited by an attacker to
> gain root access.
>
> 2. Affected Supported Versions
>
> Solaris(tm) versions: 2.6, 2.6_x86, 2.5.1, 2.5.1_x86, 2.5, 2.5_x86,
> 2.4, 2.4_x86 and 2.3
>
> SunOS(tm) versions: 4.1.4 and 4.1.3_U1
>
> 3. Recommendations
>
> Sun recommends that you install the respective patches immediately
> on affected systems.
>
> Operating System Patch ID
> _________________ _________
> Solaris 2.6 105667-02
> Solaris 2.6_x86 105668-02
> Solaris 2.5.1 103817-03
> Solaris 2.5.1_x86 103818-03
> Solaris 2.5 103815-03
> Solaris 2.5_x86 103816-03
> Solaris 2.4 103813-03
> Solaris 2.4_x86 103814-03
> Solaris 2.3 101494-04
> SunOS 4.1.4 103824-04
> SunOS 4.1.3_U1 103823-04
>
> _______________________________________________________________________________
> APPENDICES
>
> A. Patches listed in this bulletin are available to all Sun customers via
> World Wide Web at:
>
> <URL:http://sunsolve.sun.com/sunsolve/pubpatches/patches.html>
>
> B. Checksums for the patches listed in this bulletin are available via
> World Wide Web at:
>
> <URL:http://sunsolve.sun.com/sunsolve/pubpatches/patches.html>
>
> C. Sun security bulletins are available via World Wide Web at:
>
> <URL:http://sunsolve.sun.com/sunsolve/secbulletins>
>
> D. Sun Security Coordination Team's PGP key is available via World Wide Web
> at:
>
> <URL:http://sunsolve.sun.com/sunsolve/secbulletins/SunSCkey.txt>
>
> E. To report or inquire about a security problem with Sun software, contact
> one or more of the following:
>
> - Your local Sun answer centers
> - Your representative computer security response team, such as CERT
> - Sun Security Coordination Team. Send email to:
>
> security-alert@sun.com
>
> F. To receive information or subscribe to our CWS (Customer Warning System)
> mailing list, send email to:
>
> security-alert@sun.com
>
> with a subject line (not body) containing one of the following commands:
>
> Command Information Returned/Action Taken
> _______ _________________________________
>
> help An explanation of how to get information
>
> key Sun Security Coordination Team's PGP key
>
> list A list of current security topics
>
> query [topic] The email is treated as an inquiry and is forwarded to
> the Security Coordination Team
>
> report [topic] The email is treated as a security report and is
> forwarded to the Security Coordination Team. Please
> encrypt sensitive mail using Sun Security Coordination
> Team's PGP key
>
> send topic A short status summary or bulletin. For example, to
> retrieve a Security Bulletin #00138, supply the
> following in the subject line (not body):
>
> send #138
>
> subscribe Sender is added to our mailing list. To subscribe,
> supply the following in the subject line (not body):
>
> subscribe cws your-email-address
>
> Note that your-email-address should be substituted
> by your email address.
>
> unsubscribe Sender is removed from the CWS mailing list.
> ________________________________________________________________________________
>
> Copyright 1998 Sun Microsystems, Inc. All rights reserved. Sun,
> Sun Microsystems, Solaris and SunOS are trademarks or registered trademarks
> of Sun Microsystems, Inc. in the United States and other countries. This
> Security Bulletin may be reproduced and distributed, provided that this
> Security Bulletin is not modified in any way and is attributed to
> Sun Microsystems, Inc. and provided that such reproduction and distribution
> is performed for non-commercial purposes.
>
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
>
> iQCVAwUBNlMEOrdzzzOFBFjJAQEcnQP/RcsWA24K1MkJAuHnyP2aAXOJc5p0VJIL
> sWZXfan4xnefaEB6Rm08oyXIncCorNgpnzjr+746btjcnws19jC74zGxv7g0m/Vc
> iLu3IGgvPUbPe4VULr0l8wyeSznwxEoN50N5r1DA7C34g5Vtf8cx1u3/kYWWRMa/
> 26FMoi1CMcY=
> =x2Od
> -----END PGP SIGNATURE-----
>
Thank you,
Jonathan A. Zdziarski
Sr. Systems Administrator
Netrail, inc.
888.NET.RAIL x240