[8606] in bugtraq

home help back first fref pref prev next nref lref last post

Re: Sun Security Bulletin #00179

daemon@ATHENA.MIT.EDU (Jonathan A. Zdziarski)
Fri Nov 20 12:32:46 1998

Date: 	Thu, 19 Nov 1998 10:11:48 -0500
Reply-To: "Jonathan A. Zdziarski" <jonz@NETRAIL.NET>
From: "Jonathan A. Zdziarski" <jonz@NETRAIL.NET>
X-To:         Aleph One <aleph1@DFW.NET>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <Pine.SUN.4.01.9811181301290.2797-100000@dfw.nationwide.net>

Although Solaris 7 was not listed, since this is a recent bulletin I'm
curious if anyone has some code I could run on my Solaris 7 Machine to
see if it is vulnerable.

On Wed, 18 Nov 1998, Aleph One wrote:

> ---------- Forwarded message ----------
> Date: Wed, 18 Nov 1998 10:28:17 -0800
> From: Sun Security Coordination Team <secure@sunsc.Eng.Sun.COM>
> To: CWS@security.Eng.Sun.COM
> Subject: Sun Security Bulletin #00179
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> ________________________________________________________________________________
>                    Sun Microsystems, Inc. Security Bulletin
>
> Bulletin Number:        #00179
> Date:                   November 18, 1998
> Cross-Ref:
> Title:                  rdist
> ________________________________________________________________________________
>
> The information contained in this Security Bulletin is provided "AS IS."
> Sun makes no warranties of any kind whatsoever with respect to the information
> contained in this Security Bulletin. ALL EXPRESS OR IMPLIED CONDITIONS,
> REPRESENTATIONS AND WARRANTIES, INCLUDING ANY WARRANTY OF NON-INFRINGEMENT OR
> IMPLIED WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, ARE
> HEREBY DISCLAIMED AND EXCLUDED TO THE EXTENT ALLOWED BY APPLICABLE LAW.
>
> IN NO EVENT WILL SUN MICROSYSTEMS, INC. BE LIABLE FOR ANY LOST REVENUE,
> PROFIT OR DATA, OR FOR DIRECT, SPECIAL, INDIRECT, CONSEQUENTIAL, INCIDENTAL
> OR PUNITIVE DAMAGES HOWEVER CAUSED AND REGARDLESS OF ANY THEORY OF LIABILITY
> ARISING OUT OF THE USE OF OR INABILITY TO USE THE INFORMATION CONTAINED IN
> THIS SECURITY BULLETIN, EVEN IF SUN MICROSYSTEMS, INC. HAS BEEN ADVISED OF
> THE POSSIBILITY OF SUCH DAMAGES.
>
> If any of the above provisions are held to be in violation of applicable law,
> void, or unenforceable in any jurisdiction, then such provisions are waived
> to the extent necessary for this disclaimer to be otherwise enforceable in
> such jurisdiction.
> ________________________________________________________________________________
>
> 1.  Background
>
>     The rdist program is a setuid root utility that distributes files
>     from one host to another. Several buffer overflow vulnerabilities
>     have been discovered which could be exploited by an attacker to
>     gain root access.
>
> 2.  Affected Supported Versions
>
>     Solaris(tm) versions:   2.6, 2.6_x86, 2.5.1, 2.5.1_x86, 2.5, 2.5_x86,
>                             2.4, 2.4_x86 and 2.3
>
>     SunOS(tm) versions:     4.1.4 and 4.1.3_U1
>
> 3.  Recommendations
>
>     Sun recommends that you install the respective patches immediately
>     on affected systems.
>
>     Operating System    Patch ID
>     _________________   _________
>     Solaris 2.6         105667-02
>     Solaris 2.6_x86     105668-02
>     Solaris 2.5.1       103817-03
>     Solaris 2.5.1_x86   103818-03
>     Solaris 2.5         103815-03
>     Solaris 2.5_x86     103816-03
>     Solaris 2.4         103813-03
>     Solaris 2.4_x86     103814-03
>     Solaris 2.3         101494-04
>     SunOS 4.1.4         103824-04
>     SunOS 4.1.3_U1      103823-04
>
> _______________________________________________________________________________
> APPENDICES
>
> A.  Patches listed in this bulletin are available to all Sun customers via
>     World Wide Web at:
>
>         <URL:http://sunsolve.sun.com/sunsolve/pubpatches/patches.html>
>
> B.  Checksums for the patches listed in this bulletin are available via
>     World Wide Web at:
>
>         <URL:http://sunsolve.sun.com/sunsolve/pubpatches/patches.html>
>
> C.  Sun security bulletins are available via World Wide Web at:
>
>         <URL:http://sunsolve.sun.com/sunsolve/secbulletins>
>
> D.  Sun Security Coordination Team's PGP key is available via World Wide Web
>     at:
>
>         <URL:http://sunsolve.sun.com/sunsolve/secbulletins/SunSCkey.txt>
>
> E.  To report or inquire about a security problem with Sun software, contact
>     one or more of the following:
>
>         - Your local Sun answer centers
>         - Your representative computer security response team, such as CERT
>         - Sun Security Coordination Team. Send email to:
>
>                 security-alert@sun.com
>
> F.  To receive information or subscribe to our CWS (Customer Warning System)
>     mailing list, send email to:
>
>                 security-alert@sun.com
>
>     with a subject line (not body) containing one of the following commands:
>
>         Command         Information Returned/Action Taken
>         _______         _________________________________
>
>         help            An explanation of how to get information
>
>         key             Sun Security Coordination Team's PGP key
>
>         list            A list of current security topics
>
>         query [topic]   The email is treated as an inquiry and is forwarded to
>                         the Security Coordination Team
>
>         report [topic]  The email is treated as a security report and is
>                         forwarded to the Security Coordination Team. Please
>                         encrypt sensitive mail using Sun Security Coordination
>                         Team's PGP key
>
>         send topic      A short status summary or bulletin. For example, to
>                         retrieve a Security Bulletin #00138, supply the
>                         following in the subject line (not body):
>
>                                 send #138
>
>         subscribe       Sender is added to our mailing list.  To subscribe,
>                         supply the following in the subject line (not body):
>
>                                 subscribe cws your-email-address
>
>                         Note that your-email-address should be substituted
>                         by your email address.
>
>         unsubscribe     Sender is removed from the CWS mailing list.
> ________________________________________________________________________________
>
> Copyright 1998 Sun Microsystems, Inc. All rights reserved. Sun,
> Sun Microsystems, Solaris and SunOS are trademarks or registered trademarks
> of Sun Microsystems, Inc. in the United States and other countries. This
> Security Bulletin may be reproduced and distributed, provided that this
> Security Bulletin is not modified in any way and is attributed to
> Sun Microsystems, Inc. and provided that such reproduction and distribution
> is performed for non-commercial purposes.
>
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
>
> iQCVAwUBNlMEOrdzzzOFBFjJAQEcnQP/RcsWA24K1MkJAuHnyP2aAXOJc5p0VJIL
> sWZXfan4xnefaEB6Rm08oyXIncCorNgpnzjr+746btjcnws19jC74zGxv7g0m/Vc
> iLu3IGgvPUbPe4VULr0l8wyeSznwxEoN50N5r1DA7C34g5Vtf8cx1u3/kYWWRMa/
> 26FMoi1CMcY=
> =x2Od
> -----END PGP SIGNATURE-----
>

Thank you,

Jonathan A. Zdziarski
Sr. Systems Administrator
Netrail, inc.
888.NET.RAIL x240

home help back first fref pref prev next nref lref last post