**************************************************************************
Security Bulletin 9126                  DISA Defense Communications System
19 December 1991            Published by: DDN Security Coordination Center
                                      (SCC@NIC.DDN.MIL)  1-(800) 365-3642
DEFENSE DATA NETWORK
SECURITY BULLETIN
The DDN SECURITY BULLETIN is distributed by the DDN SCC (Security
Coordination Center) under DISA contract as a means of communicating
information on network and host security exposures, fixes, & concerns
to security & management personnel at DDN facilities. Back issues may
be obtained via FTP (or Kermit) from NIC.DDN.MIL [192.112.36.5]
using login="anonymous" and password="guest". The bulletin pathname is
SCC:DDN-SECURITY-yynn (where "yy" is the year the bulletin is issued
and "nn" is a bulletin number, e.g. SCC:DDN-SECURITY-9126).
**************************************************************************
+ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +
! !
! The following important advisory was issued by the Computer !
! Emergency Response Team (CERT) and is being relayed unedited !
! via the Defense Information Systems Agency's Security !
! Coordination Center distribution system as a means of !
! providing DDN subscribers with useful security information. !
! !
+ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +
===========================================================================
CA-91:22 CERT Advisory
December 16, 1991
SunOS OpenWindows V3.0 Patch
---------------------------------------------------------------------------
The Computer Emergency Response Team/Coordination Center (CERT/CC) has
received information concerning a vulnerability in Sun Microsystems,
Inc. (Sun) OpenWindows version 3.0. This vulnerability exists on all
sun4 and sun4c architectures running SunOS 4.1.1.
Sun has provided a patch for this vulnerability. It is available
through your local Sun Answer Center as well as through anonymous ftp
from the ftp.uu.net (192.48.96.2) system in the /sun-dist directory.
Fix           PatchID    Filename           Checksum
loadmodule    1076118    100448-01.tar.Z    04354 5
Please note that Sun will occasionally update patch files. If you
find that the checksum is different please contact Sun or the CERT/CC
for verification.
---------------------------------------------------------------------------
I. Description
An OpenWindows, version 3, setuid program (loadmodule(8)) can be
exploited to execute a user's program using the effective UID of root.
II. Impact
This vulnerability allows a local user to gain root access.
III. Solution
Obtain the patch from Sun or from ftp.uu.net and install, following the
provided instructions.
As root:

1. Move the existing loadmodule aside.

   # mv $OPENWINHOME/bin/loadmodule $OPENWINHOME/bin/loadmodule.orig
   # chmod 400 $OPENWINHOME/bin/loadmodule.orig

2. Copy the new loadmodule into the OpenWindows bin directory.

   # cp sun4/loadmodule $OPENWINHOME/bin/loadmodule
   # chown root $OPENWINHOME/bin/loadmodule
   # chmod 4755 $OPENWINHOME/bin/loadmodule

See the README file provided with the patch for more information.
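
Checks to run before and after the steps above, as an added example that is not part of the CERT advisory or Sun's patch. It assumes the Checksum column is sum(1) output in its BSD form (a 16-bit checksum followed by a count of 1 KB blocks); the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the advisory or the patch README.
# Assumption: "04354 5" is BSD-style sum(1) output: checksum, then 1 KB blocks.

# sum_matches FILE CHECKSUM BLOCKS -> 0 if sum(1) reports the same two values
sum_matches() {
    [ -r "$1" ] || return 1
    # Feed the file on stdin so sum prints no file name, then split the fields.
    set -- "$2" "$3" $(sum < "$1")
    # test(1) compares in decimal, so the leading zero in 04354 is harmless.
    [ "$#" -eq 4 ] && [ "$1" -eq "$3" ] && [ "$2" -eq "$4" ]
}

# has_mode FILE MODE -> 0 if FILE's permission bits are exactly MODE
has_mode() {
    [ -n "$(find "$1" -prune -perm "$2" 2>/dev/null)" ]
}

# check_install BINDIR OWNER -> 0 if the result of steps 1 and 2 is in place
check_install() {
    rc=0
    has_mode "$1/loadmodule" 4755 ||
        { echo "loadmodule: mode is not 4755" >&2; rc=1; }
    [ -n "$(find "$1/loadmodule" -prune -user "$2" 2>/dev/null)" ] ||
        { echo "loadmodule: owner is not $2" >&2; rc=1; }
    # The copy moved aside is the vulnerable one: chmod 400 must have
    # cleared its setuid and execute bits.
    has_mode "$1/loadmodule.orig" 400 ||
        { echo "loadmodule.orig: mode is not 400" >&2; rc=1; }
    return "$rc"
}

# Typical use around the advisory's procedure:
#   sum_matches 100448-01.tar.Z 04354 5 || echo "checksum differs" >&2
#   check_install "$OPENWINHOME/bin" root
```

A mismatch from `sum_matches` is the case the advisory describes: contact Sun or the CERT/CC for verification before installing.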
---------------------------------------------------------------------------
The CERT/CC wishes to thank Ken Pon at Sun Microsystems, Inc. for alerting
us to this vulnerability.
---------------------------------------------------------------------------
If you believe that your system has been compromised, contact CERT/CC via
telephone or e-mail.
Internet E-mail: cert@cert.sei.cmu.edu
Telephone: 412-268-7090 24-hour hotline:
CERT/CC personnel answer 7:30a.m.-6:00p.m. EST(GMT-5)/EDT(GMT-4),
on call for emergencies during other hours.
Computer Emergency Response Team/Coordination Center (CERT/CC)
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA 15213-3890
Past advisories and other information related to computer security are
available for anonymous ftp from the cert.sei.cmu.edu (192.88.209.5)
system.