
SUN MICROSYSTEMS SECURITY BULLETIN: #00122

Posted Jan 19, 1994

Patch advisory for Sun Microsystems. Please read for details.

SHA-256 | a9076f406dd5e0447538ca849c911978548c6555b5b5b1eec52a2f6bb18cb509

-----------------------------------------------------------------------------
SUN MICROSYSTEMS SECURITY BULLETIN: #00122, 21 October 93
-----------------------------------------------------------------------------

Send Replies or Inquiries To:

Sun Security Coordinator
MS MPK2-04
2550 Garcia Avenue
Mountain View, CA 94043-1100
Phone: 415-688-9081
Fax: 415-688-9101
Email: security-alert@Sun.COM



BULLETIN TOPICS

I. New security patches for "tar" and "sendmail"

A. tar
- patch 100975-02 (SunOS 5.1/Solaris 2.1)
- patch 101301-01 (SunOS 5.2/Solaris 2.2)

B. sendmail
- patch 100377-07 (SunOS 4.1.1, 4.1.2, and 4.1.3)
- patch 100840-03 (SunOS 5.1/Solaris 2.1)
- patch 101077-03 (SunOS 5.2/Solaris 2.2)

II. Advisory note concerning the potential misuse of /dev/audio devices

III. How to obtain Sun security patches

IV. How to report Sun security problems

-----------

This information is only to be used for the purpose of alerting
customers to problems. Any other use or re-broadcast of this
information without the express written consent of Sun Microsystems
shall be prohibited. Sun Microsystems expressly disclaims all liability
for any misuse of this information by any third party.

Sun Microsystems recommends that all customers concerned with the
security of their SunOS system(s) obtain and install all patches that
are applicable to their computing environment.



I. New Patches

A. tar
- patch 100975-02 (SunOS 5.1/Solaris 2.1)
- patch 101301-01 (SunOS 5.2/Solaris 2.2)

Bug 1145463 causes archive files produced by the Solaris 2.x tar to
contain extraneous information. The extraneous data, which can include
user IDs (but not passwords), is ignored when the archive files are
restored to disk.

The patched tar produces archive files in the same format as all other
versions; but any extraneous data is set to zero. Restoring an existing
archive file to disk, and then producing a new file with the patched
tar, will result in a clean archive file with no extra non-zero data.

A version of this patch has been prepared for the upcoming release of
Solaris 2.3, and will be available as soon as 2.3 is released. The
patch ID at that time will be 101327-01. Currently available patches
are summarized in the table below.


System        Patch ID    Filename          BSD Checksum   SVR4 Checksum
------        --------    ---------------   ------------   -------------
Solaris 2.1   100975-02   100975-02.tar.Z   37034 374      13460 747
Solaris 2.2   101301-01   101301-01.tar.Z   22089 390      4703 779

The checksums shown above are from the BSD-based checksum
(on 4.1.x, /bin/sum; on Solaris 2.x, /usr/ucb/sum) and from the
SVR4 version that Sun has released on Solaris 2.x (/usr/bin/sum).

B. sendmail
- patch 100377-07 (SunOS 4.1.1, 4.1.2, 4.1.3, and 4.1.3c)
- patch 100840-03 (SunOS 5.1/Solaris 2.1)
- patch 101077-03 (SunOS 5.2/Solaris 2.2)

Bug 1144946 on 4.1.x systems (and, similarly, bug 1142888 on Solaris
2.x systems) creates a sendmail security hole which allows remote
users access to some files on the affected system.

A version of this patch is being prepared for the upcoming
Solaris 2.3 release, but no patch ID is available at this time.
Currently available patches are summarized in the table below.


System        Patch ID    Filename          BSD Checksum   SVR4 Checksum
------        --------    ---------------   ------------   -------------
SunOS 4.1.x   100377-07   100377-07.tar.Z   36122 586      11735 1171
Solaris 2.1   100840-03   100840-03.tar.Z   01153 194      39753 388
Solaris 2.2   101077-03   101077-03.tar.Z   49343 177      63311 353

The checksums shown above are from the BSD-based checksum
(on 4.1.x, /bin/sum; on Solaris 2.x, /usr/ucb/sum) and from the
SVR4 version that Sun has released on Solaris 2.x (/usr/bin/sum).
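
The two checksum tables above can be checked mechanically after a patch is downloaded. The script below is an added example, not part of Sun's bulletin: it compares a file against both the BSD and SVR4 values listed for its filename. It assumes a `sum` that accepts `-r` (BSD) and `-s` (System V), as GNU coreutils does; the names `file_sum`, `verify_patch` and `BULLETIN_SUMS` are hypothetical.

```sh
#!/bin/sh
# Added example: verify a downloaded patch against the bulletin's checksums.
# Assumption: `sum -r` is the BSD algorithm (1K blocks) and `sum -s` the
# System V algorithm (512-byte blocks), as in GNU coreutils.

# Transcribed from the bulletin's tables:
# filename, BSD checksum, BSD blocks, SVR4 checksum, SVR4 blocks
BULLETIN_SUMS='100975-02.tar.Z 37034 374 13460 747
101301-01.tar.Z 22089 390 4703 779
100377-07.tar.Z 36122 586 11735 1171
100840-03.tar.Z 01153 194 39753 388
101077-03.tar.Z 49343 177 63311 353'

# file_sum -r|-s FILE
# Prints "<checksum> <blocks>" as plain decimals. Reading from stdin keeps the
# filename out of the output, and "+ 0" drops zero padding such as "01153".
file_sum() {
    sum "$1" < "$2" | awk '{ print $1 + 0, $2 + 0 }'
}

# verify_patch FILE [TABLE]
# Returns 0 if both checksums match the table entry for FILE's basename,
# 1 on any mismatch, 2 if FILE is unreadable or not listed in the table.
verify_patch() {
    file=$1
    table=${2:-$BULLETIN_SUMS}
    [ -r "$file" ] || return 2
    name=${file##*/}
    # Normalise the expected values the same way as the computed ones.
    expected=$(printf '%s\n' "$table" | awk -v n="$name" '
        $1 == n { print $2 + 0, $3 + 0, $4 + 0, $5 + 0; found = 1 }
        END     { exit !found }') || return 2
    actual="$(file_sum -r "$file") $(file_sum -s "$file")"
    [ "$actual" = "$expected" ]
}

# Typical use after fetching a patch:
#   verify_patch ./100840-03.tar.Z && echo "checksums match"
```

These 16-bit `sum` values detect a damaged or truncated transfer; they are not a cryptographic integrity check.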


II. Advisory note concerning the potential misuse of /dev/audio devices

Recently some customers have expressed the concern that the
microphone found on Sun workstations could be used for eavesdropping.

This note, which is pertinent to both 4.1.x and 5.x systems, describes
- The default settings of permissions on the audio devices
- How to set permissions on the system to prevent unauthorized use
of the microphone
- Changes upcoming in Solaris 2.3 which improve the security of
such devices.

Note, however, that Sun recommends that customers who have a security
concern regarding the microphone either switch off or unplug the
microphone to prevent unauthorized listening.

The initial permissions for the audio data device, /dev/audio, allow
anyone to listen with the microphone when it is turned on. Also, the
permissions for the audio control device, /dev/audioctl, allow anyone
to vary playback and record settings such as volume. "Anyone", in
this case, may include users on a remote workstation
(depending, for example, on the settings in the user's .rhosts
file).

One way to prevent unauthorized use of the system's audio devices is
to become root and change the permissions and owner of /dev/audio and
/dev/audioctl. The owner should be the user that will use the
machine's console. For example, to allow only the user "graff" read
and write access to the audio device and audio control device,
execute commands such as:

# chmod 600 /dev/audio*
# chown graff /dev/audio*

then check to see that the permissions resemble:

# ls -lL /dev/audio*
crw------- 1 graff sys 28, 0 Jul 12 14:20 /dev/audio
crw------- 1 graff sys 28,128 Jul 12 14:20 /dev/audioctl

The owner and permissions for /dev/audio and /dev/audioctl will stay
the same until manually changed, so if you want a different user to
have access to the microphone you will need to use chown to change
the owner of /dev/audio and /dev/audioctl to the new user.

On SunOS 4.1.x systems, the /etc/fbtab file can be used to
automatically have the audio data device and audio control device
accessible to only the console user. This capability does not exist
in Solaris 2.1 and 2.2; but similar functionality (see
/etc/logindevperm) has been added to the upcoming 2.3 release.

To restrict access to the audio devices using the SunOS 4.1.x
/etc/fbtab file, become root and edit /etc/fbtab, adding these lines
to the end of the file:

/dev/console 0600 /dev/audio
/dev/console 0600 /dev/audioctl

Then log out and log in. Check the permissions with ls; they should
look like this if the console user is root:

# ls -lg /dev/audio*
crw------- 1 root daemon 69, 0 Jul 12 15:26 /dev/audio
crw------- 1 root daemon 69, 1 Jul 12 15:26 /dev/audioctl

If a non-root user is logged into the console the owner will be that
user and the group will be the user's default group. When no one is
logged into the console the /etc/fbtab entry above will cause
/dev/audio and /dev/audioctl to have these permissions:

# ls -lg /dev/audio*
crw------- 1 root wheel 69, 0 Jul 12 15:26 /dev/audio
crw------- 1 root wheel 69, 1 Jul 12 15:26 /dev/audioctl


III. How to obtain Sun security patches

Customers with Sun support contracts can obtain the patches listed
here, and all Sun security patches, from:

- Your local Sun answer centers, worldwide
- SunSolve Online

Please refer to the Bug ID and Patch ID when requesting patches from Sun
answer centers.

Security patches are also available without a support contract via
anonymous ftp:

- In the US, from /systems/sun/sun-dist on ftp.uu.net
- In Europe, from ~ftp/sun/fixes on ftp.eu.net


IV. How to report Sun security problems

If you discover a security problem with Sun software, please contact
one or more of the following:

- Your local Sun answer centers, worldwide
- Your representative computer security response team, such as CERT
- This office. Address postal mail to:

Sun Security Coordinator
MS MPK2-04
2550 Garcia Avenue
Mountain View, CA 94043-1100

Phone: 415-688-9081
Fax: 415-688-9101
Email: security-alert@Sun.COM


-----------

If you received this bulletin indirectly and would like to be added
to Sun's Customer Warning System mailing list in order to receive
future bulletins directly, send a request to the address above with
your affiliation and contact information. If you have e-mail access,
send mail to "security-alert@Sun.COM" with the subject "subscribe"
and your affiliation and contact information in the message body.