[61] in Security FYI
issues with the many new MITnet hosts in September
daemon@ATHENA.MIT.EDU (mhpower@MIT.EDU)
Thu Sep 7 16:51:09 2000
From: mhpower@MIT.EDU
Message-Id: <20000907205102.80950.qmail@customer-care.infrastructure.org>
Date: Thu, 7 Sep 2000 16:51:02 -0400
To: security-fyi@MIT.EDU
Cc: rccsuper@MIT.EDU, ilg-net-help@MIT.EDU
Reply-To: net-security@MIT.EDU
-----BEGIN PGP SIGNED MESSAGE-----
As most of you know, early September is the time of year when the
largest number of new machines become active on MITnet. Most of the
new machines are student-owned, but there also tend to be many
elsewhere, e.g., research machines that weren't used during the
summer. Some of the security issues that were first publicized during
the summer (or late spring), and the corresponding patches, are:
buffer overflows in Kerberos daemons such as klogind and kshd
http://www.cert.org/advisories/CA-2000-06.html
(affects Athena releases prior to 8.3.28)
wu-ftpd format-string vulnerability
http://www.cert.org/advisories/CA-2000-13.html
Linux rpc.statd format-string vulnerability
http://www.cert.org/advisories/CA-2000-17.html
Irix telnetd format-string vulnerability
ftp://sgigate.sgi.com/security/20000801-01-P
(The latter issue is exactly the same as what was mentioned in an
earlier security-fyi message today, with the subject line "Irix
telnetd vulnerability patches released".)
If you know of MIT Unix/Linux hosts that weren't active during the
summer, it would be a good idea to check whether these four
vulnerabilities, all of which allow remote root compromise, are
patched. (Reviewing more general lists of critical security problems,
e.g., see http://www.sans.org/topten.htm, is also worthwhile.) The
Network Security team will be doing vulnerability scanning of all MIT
hosts with the goal of, where possible, identifying the ones on which
these vulnerabilities have clearly been left unpatched. The web page
http://web.mit.edu/net-security/www/faq.html#legitimate-probes has a
few additional details about this type of vulnerability scanning.
Matt Power
Network Security team, MIT Information Systems
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBObf+kaXcG113/1BtAQFgqgP+PfZWUuLVPjIweRgFAS9AJLyjG1n7kvZb
5fWC6Z8a8OWWno96R6VyCzujF2SKHoko2edQGn/GkFVaNujYilKGH5j86kHGxrpD
Q5Gr1r6Mf3JDrteTi0fGxqVcI+77Mjl2tRfnIry8vg2kw54kv3S3q8jjXO5DE0Ou
hsDQe0HGtvM=
=qUm+
-----END PGP SIGNATURE-----
