exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

ISS Security Advisory

ISS Security Advisory
Posted Nov 24, 1998

Internet Security System (ISS) X-Force has discovered a serious vulnerability in Sun Microsystems Solstice Enterprise Agent and the Solaris operating system. This vulnerability allows attackers to execute arbitrary commands with root privileges, manipulate system parameters and kill processes.

SHA-256 | ca12cba252d336bc70bfbd46f53e05129b8411dc2a71dc6573efe3a05745712e

ISS Security Advisory

Change Mirror Download

From xforce@ISS.NET Tue Nov 3 20:24:02 1998
From: X-Force <xforce@ISS.NET>
To: BUGTRAQ@netspace.org
Date: Mon, 2 Nov 1998 17:47:32 -0500
Subject: ISS Security Advisory: Hidden community string in SNMP implementation

-----BEGIN PGP SIGNED MESSAGE-----


ISS Security Advisory
November 2nd, 1998

Hidden community string in SNMP implementation

Synopsis:

Internet Security System (ISS) X-Force has discovered a serious vulnerability
in Sun Microsystems Solstice Enterprise Agent and the Solaris operating system.
This vulnerability allows attackers to execute arbitrary commands with root
privileges, manipulate system parameters and kill processes.

Affected Systems:

ISS X-Force has discovered that this vulnerability is present on the Solaris
Operating System version 2.6. Earlier versions are vulnerable. Solaris 2.7
beta is also not vulnerable.

Fix Information:

Sun has made the following patch available:

106787-02: Solaris 5.6

Many administrators have no need for host based SNMP agents. Administrators
can disable the SNMP daemons temporarily by executing the following commands:

# /etc/init.d/init.snmpdx stop
# mv /etc/rc3.d/S76snmpdx /etc/rc3.d/DISABLED_S76snmpdx

Description:

The vulnerabilities are present in the SNMP daemons shipping with Solaris 2.6.
Solaris 2.6 is configured by default to support SNMP. A hidden and
undocumented community string is present in the SNMP subagent which may allow
remote attackers change most system parameters. Remote attackers may kill any
process, update routes, potentially sidestep firewalls or disable network
interfaces. Most notably, attackers may indirectly execute arbitrary commands
with superuser privileges.

This vulnerability is compounded by the fact that these SNMP daemons are
configured and executed by default. Attackers do not need local access to the
target host to exploit this vulnerability.

Additional Information:

ISS Internet Scanner and ISS RealSecure real-time intrusion detection software
have the capability to detect these vulnerabilities.

- ----------

Copyright (c) 1998 by Internet Security Systems, Inc.

Permission is hereby granted for the redistribution of this alert
electronically. It is not to be edited in any way without express consent
of X-Force. If you wish to reprint the whole or any part of this alert in
any other medium excluding electronic medium, please e-mail xforce@iss.net
for permission.

Disclaimer
The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There are
NO warranties with regard to this information. In no event shall the author
be liable for any damages whatsoever arising out of or in connection with
the use or spread of this information. Any use of this information is at
the user's own risk.

X-Force PGP Key available at: http://www.iss.net/xforce/sensitive.html as
well as on MIT's PGP key server and PGP.com's key server.

X-Force Vulnerability and Threat Database: http://www.iss.net/xforce

Please send suggestions, updates, and comments to:
X-Force <xforce@iss.net> of Internet Security Systems, Inc.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv

iQCVAwUBNj4p8TRfJiV99eG9AQEABAQAoiiMDK/lRoYk9OmVvQjPe3asJ+++foIR
6U41EtCXF4R38po2GtBeIA8C2XCgAEzbs+dfawJJx2emgecuJSIMrg0byhPesgxn
jgAtL/j3k7R2rf+Qp6pIwgJ6pWQiF86H812HwUVbOaE+BBfyUPpxlPWtNrGVFqcb
Rs6dobk2GZg=
=XX5W
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close