Solaris hole gives hackers free rein

[InfoSec News <isn () c4i org>]

http://www.zdnet.com.au/news/breakingnews/story/0,2000020826,20233977,00.htm

By Matthew Broersma, ZDNet News
22 June 2001

Researchers have discovered a bug that could give hackers unlimited
access to any machine running Sun's Unix operating system, Solaris.  
The bug, discovered by security consultancy ISS X-Force, affects a
utility designed to give remote users access to a local printer. The
line printer daemon (in.lpd), as it is called, contains a flaw in the
"transfer job" routine that could allow hackers to overflow an
unchecked buffer, a common means of gaining unauthorised access to a
computer.
 
Hackers could exploit the flaw to crash the printer daemon or execute
malicious code with system administrator privileges, according to
X-Force. The printer software is installed by default on all Solaris
systems.

Sun says it is working on a fix, which will be available next month,
and X-Force recommends the software be turned off until the patch is
available.

Solaris runs on Sun Microsystems and Intel hardware, and is the
dominant operating system for high-end Internet servers.


 



ISN is hosted by SecurityFocus.com
---
To unsubscribe email isn-unsubscribe () SecurityFocus com.