[ale] Solaris Vulnerability
Jonathan Glass
jonathan.glass at ibb.gatech.edu
Thu Jan 23 06:31:29 EST 2003
Solaris Flaw Opens Door for Hackers
Source: EWeek.com
Date Written: January 22, 2003
Date Collected: January 22, 2003
Entercept Security technology reports a security flaw in Sun's Solaris
operating system that would allow an attacker to access any file and
obtain root privileges on a vulnerable machine. The flaw affects
versions 2.5.1, 2.6, 2.7, 2.8, and 2.9 running on Sparc or Intel based
servers. The flaw lies in the Kodak Color Management System service
demon which enables library functions to access profiles on remote
machines. Because the KCMS server runs with root privileges, an attacker
who is able to exploit this vulnerability would have complete control of
the machine and could access any file of choice. Sun will release a
patch 22 January.
http://www.eweek.com/article2/0,3959,840818,00.asp
--
Jonathan Glass
Systems Support Specialist II
Institute for Bioengineering & Bioscience
Georgia Institute of Technology
404.385.0127
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list