[virusinfo] Network service spoofs by local users in Sun Solaris - 4/21/05

  • From: "Mike" <mikebike@xxxxxxxxx>
  • To: virusinfo@xxxxxxxxxxxxx
  • Date: Fri, 22 Apr 2005 08:53:59 -0700

From; Panda Oxygen3:

"Good actions ennoble us, and we are the sons of our own deeds."
           Miguel de Cervantes Saavedra (1547-1616); Spanish writer.

            - Network service spoofs by local users in Sun Solaris -
         Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)

Madrid, April 21st, 2005 - A vulnerability has been reported in Sun Solaris
systems that could allow local users to spoof certain network services.

A local user could initiate a process that compromises a non-privileged
port in order to spoof future connections to the services that are normally
run on that port.

Only services that are run on non-privileged ports are affected (such as
NFS or NIS) on Solaris 8 and 9. Solaris 7 and 10 are not affected.

Sun has published the following updates:

For SPARC platforms:
- Solaris 8:
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-116965-08-1
- Solaris 9:
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-118305-02-1

For x86 platforms
- Solaris 8:
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-116966-08-1
- Solaris 9:
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-117470-01-1

NOTE: The address above may not show up on your screen as a single line.
This would prevent you from using the link to access the web page. If this
happens, just use the 'cut' and 'paste' options to join the pieces of the
URL.

------------------------------------------------------------ 

The 5 viruses most frequently detected by Panda ActiveScan, Panda
Software's free online scanner:
1)Netsky.P; 2)Qhost.AF; 3)Bagle.CA; 4)Mhtredir.gen; 5)Shinwow.E.

------------------------------------------------------------
To contact with Panda Software, please visit:
http://www.pandasoftware.com/about/contact/
------------------------------------------------------------

*********** MIKE"S REPLY SEPARATOR  ***********
Mike ~ It is a good day if I learned something new.
Editor MikesWhatsNews see a sample on my web page
http://www3.telus.net/mikebike
<mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe>
http://www3.telus.net/mikebike/worm_removal.htm
See my Anti-Virus pages  http://virusinfo.hackfix.org/index
<virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe>
A Technical Support Alliance  and OWTA Charter Member

Other related posts:

  • » [virusinfo] Network service spoofs by local users in Sun Solaris - 4/21/05
  1. Home
  2. virusinfo
  3. Archive
  4. 04-2005