[115] in Security FYI
Vulnerability in CDE Subprocess Control Service (dtspcd) being
daemon@ATHENA.MIT.EDU (Bob Mahoney)
Tue Jan 15 20:55:29 2002
Mime-Version: 1.0
Message-Id: <p05010400b86a82253028@[66.92.67.187]>
Date: Tue, 15 Jan 2002 20:55:32 -0500
To: security-fyi@mit.edu, netusers@mit.edu
From: Bob Mahoney <bobmah@MIT.EDU>
Cc: Security Team <security-internal@mit.edu>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

An existing vulnerability in the Common Desktop Environment (CDE),
specifically the CDE Subprocess Control Service (dtspcd), is now
being ACTIVELY exploited on Solaris systems running this service.
Non-Solaris systems (such as Digital UNIX, IRIX, AIX, and HPUX, among
others) also have this vulnerability, although actual exploits for
these systems have not yet been observed.

A patch is available to address this problem. This is a critical
vulnerability for Solaris systems, and system maintainers should
immediately apply this patch, or disable the dtspc service. The
patch is available at:

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/214&type=0&nav=sec.sbl&ttl=sec.sbl

Background about the vulnerability, and vendor information, is
detailed in the following CERT advisory:

http://www.kb.cert.org/vuls/id/172583

The observation of this exploit is discussed in:

http://www.cert.org/advisories/CA-2002-01.html

Maintainers of other UNIX systems that ship with CDE such as Digital
UNIX and HPUX should also examine the above advisory, and immediately
patch their systems as directed in the vendor information. Though
exploits for these systems have not yet been observed in the wild,
the vulnerability is of a critical nature.

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.3

iQA/AwUBPETdnXrxxeI5xewJEQJdawCghfXgJ7pdKPZJyI0uC8HLGr4LcbAAn0xi
z7LjoRY7LE1zVgDwoewxRJIh
=3ebr
-----END PGP SIGNATURE-----
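The advisory's fallback mitigation is to disable the dtspc service. On the systems named above, dtspcd is started on demand by inetd, so disabling it means commenting out its inetd.conf entry. The script below is an added example for that check, not part of the original message or of any vendor patch: it assumes the classic one-line inetd.conf format (service name in the first field, e.g. "dtspc stream tcp nowait root /usr/dt/bin/dtspcd /usr/dt/bin/dtspcd"), works on a constructed sample file rather than a live host, and writes a commented-out copy instead of editing in place so the result can be reviewed before it is installed.

```shell
#!/bin/sh
# Added example (not from the original advisory or any vendor):
# find an active dtspc entry in an inetd.conf-style file and produce
# a copy with that entry commented out.
# Assumption: Solaris-style inetd.conf lines, service name in field 1.

# dtspc_enabled FILE
#   exit 0 if FILE has an uncommented line whose first field is "dtspc",
#   exit 1 otherwise (a leading '#' means the entry is already disabled)
dtspc_enabled() {
    grep -E '^[[:space:]]*dtspc[[:space:]]' "$1" >/dev/null 2>&1
}

# count_active_dtspc FILE
#   print the number of active dtspc lines (always exits 0, prints 0 if none)
count_active_dtspc() {
    grep -cE '^[[:space:]]*dtspc[[:space:]]' "$1" || true
}

# disable_dtspc SRC DST
#   write DST as a copy of SRC with every active dtspc line commented out;
#   lines that are already commented are left untouched
disable_dtspc() {
    sed -E 's/^([[:space:]]*dtspc[[:space:]])/#\1/' "$1" > "$2"
}

# make_sample_inetd_conf FILE
#   constructed sample configuration for demonstration, not a real host's file
make_sample_inetd_conf() {
    cat > "$1" <<'EOF'
# Constructed sample inetd.conf (not copied from a real system)
ftp     stream  tcp  nowait  root  /usr/sbin/in.ftpd     in.ftpd
telnet  stream  tcp  nowait  root  /usr/sbin/in.telnetd  in.telnetd
dtspc   stream  tcp  nowait  root  /usr/dt/bin/dtspcd    /usr/dt/bin/dtspcd
#dtspc  stream  tcp  nowait  root  /usr/dt/bin/dtspcd    /usr/dt/bin/dtspcd
EOF
}

# Demonstration run on the constructed sample in a scratch directory.
demo_dir=$(mktemp -d)
make_sample_inetd_conf "$demo_dir/inetd.conf"
if dtspc_enabled "$demo_dir/inetd.conf"; then
    echo "active dtspc entries: $(count_active_dtspc "$demo_dir/inetd.conf")"
    disable_dtspc "$demo_dir/inetd.conf" "$demo_dir/inetd.conf.disabled"
    echo "reviewed copy with dtspc disabled: $demo_dir/inetd.conf.disabled"
else
    echo "no active dtspc entry found"
fi
rm -rf "$demo_dir"
```

On a real host the reviewed copy would replace /etc/inetd.conf and inetd would then need to be told to reread it (a SIGHUP on the Solaris releases of that era); until that happens the old entry stays in effect, so the check should be rerun against the live file after the reload. Disabling the service is a stopgap for hosts that cannot be patched right away; the vendor patch linked above remains the fix the advisory calls for.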