-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =============================================================================== >> CERT-NL, 01-Mar-2000 << >> All CERT-NL information has been moved to http://cert.surfnet.nl. Links << >> to CERT-NL information contained in this advisory are therefore outdated. << >> << >> CERT-NL also has stopped the CERT-CC-Mirror service. Due to this the << >> links to the CERT-CC mirror are obsolete. Visit the CERT-CC site for the << >> complete CERT-CC advisory texts: http://www.cert.org << =============================================================================== =============================================================================== Security Advisory CERT-NL =============================================================================== Author/Source : CERT-NL Index : S-92-15 Distribution : SURFnet Constituency Page : 1 Classification: External Version: final Subject : Multiple SunOS Vulnerabilities Patched Date : 21-jul-92 =============================================================================== CERT-NL (SURFnet Computer Emergency Response Team) has received information concerning several security problems in SunOS. CERT-NL wishes to thank CERT/CC for bringing this to our attention. =========================================================================== CA-92:15 CERT Advisory July 21, 1992 Multiple SunOS Vulnerabilities Patched - --------------------------------------------------------------------------- The CERT/CC (Computer Emergency Response Team/Coordination Center) has received information concerning several vulnerabilities in the Sun Microsystems, Inc. (Sun) operating system (SunOS). These vulnerabilities affect all architectures and supported versions of SunOS including 4.1, 4.1.1, and 4.1.2 on sun3, sun3x, sun4, sun4c, and sun4m. The patches have been released as upgrades to three existing patch files. Since application of these patches involves rebuilding your system kernel file (/vmunix), it is recommended that you apply all patches simultaneously. Use the procedure described below to apply the patches and rebuild the kernel. Sun has provided patches for these vulnerabilities as updates to Patch IDs 100173, 100376, and 100567. They are available through your local Sun Answer Centers worldwide as well as through anonymous ftp from the ftp.uu.net (137.39.1.9) system (in the /systems/sun/sun-dist directory). Fix Patch ID Filename Checksum NFS Jumbo 100173-08 100173-08.tar.Z 32716 562 Integer mul/div 100376-04 100376-04.tar.Z 12884 100 ICMP redirects 100567-02 100567-02.tar.Z 23118 13 Please note that Sun Microsystems sometimes updates patch files. If you find that the checksum is different please contact Sun Microsystems or CERT for verification. - --------------------------------------------------------------------------- NFS jumbo patch upgrade, SunOS 4.1, 4.1.1, 4.1.2, all architectures I. Description The upgrade to the NFS Jumbo patch addresses a vulnerability that allows an intruder to become root using NFS. This vulnerability affects all architectures and supported versions of SunOS. II. Impact A remote user may exploit this vulnerability to gain root access. III. Solution Extract the new files to be installed in the kernel. Install the patch files in /sys/`arch -k`/OBJ as described in the README file included in the patch file. Be sure to make a backup of each of the files you are replacing before moving the patched file to the /sys/`arch -k`/OBJ directory. Config, make, and install the new kernel to include all patches described in this advisory appropriate to your system. Reboot each host using the appropriate kernel. Refer to the Systems and Network Administration manual for instructions on building and configuring a new custom kernel. Integer mul/div patch upgrade, SunOS 4.1, 4.1.1, 4.1.2, SPARC architectures I. Description The integer mul/div patch upgrade addresses an additional problem with the integer multiplication emulation code on SPARC architectures that allows an intruder to become root. This vulnerability affects SPARC architectures (sun4, sun4c, and sun4m) for all supported versions of SunOS (4.1, 4.1.1, and 4.1.2). II. Impact A local user may exploit a bug in the emulation routines to gain root access or crash the system. III. Solution Extract the new files to be installed in the kernel. Note that this patch applies only to SPARC architectures. Install the patch files in /sys/`arch -k`/OBJ as described in the README file included in the patch file. Be sure to make a backup of each of the files you are replacing before moving the patched file to the /sys/`arch -k`/OBJ directory. Config, make, and install the new kernel to include all patches described in this advisory appropriate to your system. Reboot each host using the appropriate kernel. Refer to the Systems and Network Administration manual for instructions on building and configuring a new custom kernel. ICMP redirects patch upgrade, SunOS 4.1, 4.1.1, 4.1.2, all architectures I. Description The ICMP redirects patch addresses a denial of service vulnerability with SunOS that allows an intruder to close existing network connections to and from a Sun system. This vulnerability affects all Sun architectures and supported versions of SunOS. II. Impact A remote user may deny network services on a Sun system. III. Solution Extract the new file to be installed in the kernel (the patch is the same for all supported versions of SunOS). Install the patch files in /sys/`arch -k`/OBJ as described in the README file included in the patch file. Be sure to make a backup of each of the files you are replacing before moving the patched file to the /sys/`arch -k`/OBJ directory. Config, make, and install the new kernel to include all patches described in this advisory appropriate to your system. Reboot each host using the appropriate kernel. Refer to the Systems and Network Administration manual for instructions on building and configuring a new custom kernel. - --------------------------------------------------------------------------- The CERT/CC wishes to thank Helen Rose of the EFF, Gordon Irlam of the University of Adelaide, Wietse Venema of Eindhoven University, and Ken Pon at Sun Microsystems, Inc for their assistance. - --------------------------------------------------------------------------- If you believe that your system has been compromised, contact CERT/CC or your representative in FIRST (Forum of Incident Response and Security Teams). Internet E-mail: cert@cert.org Telephone: 412-268-7090 (24-hour hotline) CERT/CC personnel answer 7:30 a.m.-6:00 p.m. EST(GMT-5)/EDT(GMT-4), on call for emergencies during other hours. Computer Emergency Response Team/Coordination Center (CERT/CC) Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213-3890 Past advisories, information about FIRST representatives, and other information related to computer security are available for anonymous ftp from cert.org (192.88.209.5). ============================================================================== CERT-NL is the Computer Emergency Response Team for SURFnet customers. SURFnet is the Dutch network for educational, research and related institutes. CERT-NL is a member of the Forum of Incident Response and Security Teams (FIRST). All CERT-NL material is available under: http://cert.surfnet.nl/ In case of computer or network security problems please contact your local CERT/security-team or CERT-NL (if your institute is NOT a SURFnet customer please address the appropriate (local) CERT/security-team). CERT-NL is one/two hour(s) ahead of UTC (GMT) in winter/summer, i.e. UTC+0100 in winter and UTC+0200 in summer (DST). Email: cert-nl@surfnet.nl ATTENDED REGULARLY ALL DAYS Phone: +31 302 305 305 BUSINESS HOURS ONLY Fax: +31 302 305 329 BUSINESS HOURS ONLY Snailmail: SURFnet bv Attn. CERT-NL P.O. Box 19035 NL - 3501 DA UTRECHT The Netherlands NOODGEVALLEN: 06 22 92 35 64 ALTIJD BEREIKBAAR EMERGENCIES : +31 6 22 92 35 64 ATTENDED AT ALL TIMES CERT-NL'S EMERGENCY PHONENUMBER IS ONLY TO BE USED IN CASE OF EMERGENCIES: THE SURFNET HELPDESK OPERATING THE EMERGENCY NUMBER HAS A *FIXED* PROCEDURE FOR DEALING WITH YOUR ALERT AND WILL IN REGULAR CASES RELAY IT TO CERT-NL IN AN APPROPRIATE MANNER. CERT-NL WILL THEN CONTACT YOU. =============================================================================== -----BEGIN PGP SIGNATURE----- Version: PGP 6.5.1i iQA/AwUBOL6V+TSYjBqwfc9jEQIWCwCgg3vz3tMd1+dEDCtVc0H4oxF3ZCwAn3PU iOi+r+g+1Jq/GJmi5ByLzm/7 =f4ll -----END PGP SIGNATURE-----