- Email: [email protected]
Sun finds vacation vulnerability
Network Security
April 7998
OS version 5.6 5.6-x86
Patch ID 105786-o 1 105787.01
For further information, send E-mail fo security-a/[email protected].
program. The vacation automatically replies to E-mail on behalf of the and notifies senders recipient is not currently the E-mail.
program incoming recipient that the reading
_
Shore up your defences, warns Microsoft Users of Windows NT in the UK are being advised by Microsoft to take rapid action to protect themselves from hackers. The advice comes as a result of an attack which took place in the United States where a hacker caused thousands of government and university computers to crash (see the March issue of Network Securify), including some at NASA. The attack took place at the beginning of March and was specifically at designed computers running Microsoft’s Windows NT. The attack was launched over the Internet, exploiting a previously identified security loophole. Back in January, Microsoft issued a fix to cure this vulnerability, but the 50 US sites attacked by the hacker had not applied the fixes or installed any firewalls. Microsoft is advising its 25 000 UK-based corporate customers to apply the fix immediately. The company claims that the hacker in the USA intended only to disrupt networks, rather than steal data.
Sun finds vacation vulnerability According to Sun Microsystems Inc. Security Bulletin #00163, a vulnerability has been found involving the vacation program which, if exploited, may allow attackers access to the account of the user running the vacation
0 1998 Elsevier
Science
Ltd
Patches are available to prevent this problem for the following Solaris versions: 2.6. 2.5.1, 2.5. 2.4, 2.3 and SunOS versions 4.1.4 and 4.1.3-U 1. Sun recommends the installation of a patch (see table) on systems running SunOS 5.6, 5.5.1, 5.5.1, 5.5, 5.4, 5.3, 4.1.4 and 4.1.3_Ul. OS version 5.6 5.6-x86 5.5.1 5.5.1-x86 5.5 5.5-x86 5.4 5.4-x86 5.3 4.1.4 4.1.3_Ul
Patch ID 05518-01 05519-01 05520-o 1 0552 1-O1 05533-O 1 05534-O 1 02066-2 1 102064- 19 101782-02 105466-o 1 105465-o 1
for further information, contact Sun Microsystems by E-mail: security-a/[email protected].
FreeBSD mmap vulnerability CIAC Advisory l-037 reports that a vulnerability exists in the 4.4BSD VM system which allows files to be ‘memory mapped’. CIAC reprints a FreeBSD security advisory. The 4.4BSD VM system allows files to be ‘memory mapped’ which causes the specified contents of a file to be made available to a process via its address space. Manipulations of that file can then be performed simply by manipulating memory, rather than using filesystem I/O calls. This technique is used to simplify code, speed up access to files,
and provide interprocess communication. Because of this problem it is possible to memorymap a read-only descriptor device in read-write mode. This hole can be used by members of group kmem to gain superuser privileges. It also allows the superuser to lower the system securelevel. As there is no workaround available it is necessary to apply a patch, rebuild your kernel, install and reboot the machine. Patches can be found following location:
at the
ftp://ftp.freebsd.org/pub/CERT/ patches/SA-98:021 for further information, contact C/AC on: + 1 925 422 8 793; f-mail: caic@//nl.gov.
Vulnerability in FreeBSD derived stacks Things aren’t going well for FreeBSD Inc. In another CIAC Security Alert (I-036) based on a FreeBSD Security Advisory we learn of a LAND attack which can cause harm to running FreeBSD systems. In most TCP stacks state is kept on the source and destination address of the packet received. A problem has been discovered in most FreeBSD stacks that allows a malicious user to send a packet that causes the system to lock up, producing a denial-of-service. This means that any person on the Internet who can send a FreeBSD machine a packet can cause it to lock up and be taken out of service. It is possible to partly work around this problem by using a firewall to filter packets from the Internet that appear to be from the local
3
April 7998
OS version 5.6 5.6-x86
Patch ID 105786-o 1 105787.01
For further information, send E-mail fo security-a/[email protected].
program. The vacation automatically replies to E-mail on behalf of the and notifies senders recipient is not currently the E-mail.
program incoming recipient that the reading
_
Shore up your defences, warns Microsoft Users of Windows NT in the UK are being advised by Microsoft to take rapid action to protect themselves from hackers. The advice comes as a result of an attack which took place in the United States where a hacker caused thousands of government and university computers to crash (see the March issue of Network Securify), including some at NASA. The attack took place at the beginning of March and was specifically at designed computers running Microsoft’s Windows NT. The attack was launched over the Internet, exploiting a previously identified security loophole. Back in January, Microsoft issued a fix to cure this vulnerability, but the 50 US sites attacked by the hacker had not applied the fixes or installed any firewalls. Microsoft is advising its 25 000 UK-based corporate customers to apply the fix immediately. The company claims that the hacker in the USA intended only to disrupt networks, rather than steal data.
Sun finds vacation vulnerability According to Sun Microsystems Inc. Security Bulletin #00163, a vulnerability has been found involving the vacation program which, if exploited, may allow attackers access to the account of the user running the vacation
0 1998 Elsevier
Science
Ltd
Patches are available to prevent this problem for the following Solaris versions: 2.6. 2.5.1, 2.5. 2.4, 2.3 and SunOS versions 4.1.4 and 4.1.3-U 1. Sun recommends the installation of a patch (see table) on systems running SunOS 5.6, 5.5.1, 5.5.1, 5.5, 5.4, 5.3, 4.1.4 and 4.1.3_Ul. OS version 5.6 5.6-x86 5.5.1 5.5.1-x86 5.5 5.5-x86 5.4 5.4-x86 5.3 4.1.4 4.1.3_Ul
Patch ID 05518-01 05519-01 05520-o 1 0552 1-O1 05533-O 1 05534-O 1 02066-2 1 102064- 19 101782-02 105466-o 1 105465-o 1
for further information, contact Sun Microsystems by E-mail: security-a/[email protected].
FreeBSD mmap vulnerability CIAC Advisory l-037 reports that a vulnerability exists in the 4.4BSD VM system which allows files to be ‘memory mapped’. CIAC reprints a FreeBSD security advisory. The 4.4BSD VM system allows files to be ‘memory mapped’ which causes the specified contents of a file to be made available to a process via its address space. Manipulations of that file can then be performed simply by manipulating memory, rather than using filesystem I/O calls. This technique is used to simplify code, speed up access to files,
and provide interprocess communication. Because of this problem it is possible to memorymap a read-only descriptor device in read-write mode. This hole can be used by members of group kmem to gain superuser privileges. It also allows the superuser to lower the system securelevel. As there is no workaround available it is necessary to apply a patch, rebuild your kernel, install and reboot the machine. Patches can be found following location:
at the
ftp://ftp.freebsd.org/pub/CERT/ patches/SA-98:021 for further information, contact C/AC on: + 1 925 422 8 793; f-mail: caic@//nl.gov.
Vulnerability in FreeBSD derived stacks Things aren’t going well for FreeBSD Inc. In another CIAC Security Alert (I-036) based on a FreeBSD Security Advisory we learn of a LAND attack which can cause harm to running FreeBSD systems. In most TCP stacks state is kept on the source and destination address of the packet received. A problem has been discovered in most FreeBSD stacks that allows a malicious user to send a packet that causes the system to lock up, producing a denial-of-service. This means that any person on the Internet who can send a FreeBSD machine a packet can cause it to lock up and be taken out of service. It is possible to partly work around this problem by using a firewall to filter packets from the Internet that appear to be from the local
3