Re: Solaris Flaw Leaves Machines Open to Attacks

[InfoSec News <isn () c4i org>]

Forwarded from: matthew patton <pattonme () yahoo com>

--- InfoSec News <isn () c4i org> wrote:
> http://www.eweek.com/article2/0,4149,1269800,00.asp
>
> By Dennis Fisher 
> September 16, 2003   
>  
> There is a serious security flaw in several versions of both Solaris 
> and Trusted Solaris that make it possible for virtually any remote or
>
> local user to gain root privileges on a vulnerable machine.

so all that NSA code-review and all that jaz to get the "trusted"
certification didn't come across this bug eh? So, what's the cert
worth then? IMO zilch.

> The problem lies in the Solstice AdminSuite, a set of tools Sun
> Microsystems Inc. includes with the operating system that allows
> administrators to perform remote administration tasks.

And a tool I hate with a passion. Actually any obligatory GUI tool is
something I despise when the commandline is perfectly capable.

> The sadmind daemon is installed by default on most default
> installations of Solaris.

and unfortunately I'd wager that 98% of installed systems are default.
Pity despite the YEARS of security people trying to hammer home the
concept, few admins bother to strip their boxes of EVERYTHING that is
not specifically, absolutely necessary. Will it ever end?

__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.