Solaris 2.5.1 patch not effective?

From: Tom Perrine (tepat_private)
Date: Tue Jun 09 1998 - 17:18:28 PDT

Next message: Rick Smith: "Re: CISCO PIX Vulnerability"

Previous message: Jeff Forristal: "Unsecure passwords in Macromedia Dreamweaver"
Next in thread: Pete Ashdown: "Solaris 2.5.1 patch not effective?"
Next in thread: Steve Siirila: "Re: Solaris 2.5.1 patch not effective?"
Reply: Steve Siirila: "Re: Solaris 2.5.1 patch not effective?"
Reply: Richard Peters: "Re: Solaris 2.5.1 patch not effective?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I have two reports from other UC campuses that exploits of the Solaris
ufsrestore bug are being used against *sparc* hosts.

At least one of the sites reports that patch 104490-05 (Solaris 2.5.1,
sparc arch) was applied on a system that was compromised (presumably
via this method).

Consider this an *inconclusive* warning that the Sun ufsrestore patch
*may* not be effective.  I have a call into Sun on this one.  If we
can get the binary of the exploit, it might be interesting.

[The reporting sites are BCC'ed on this note.  If they want to go
public, its up to them.]

--tep

--
Tom E. Perrine (tepat_private) | San Diego Supercomputer Center
http://www.sdsc.edu/~tep/     | Voice: +1.619.534.5000
Been there, done that, erased the evidence, blackmailed the witnesses...

Next message: Rick Smith: "Re: CISCO PIX Vulnerability"
Previous message: Jeff Forristal: "Unsecure passwords in Macromedia Dreamweaver"
Next in thread: Pete Ashdown: "Solaris 2.5.1 patch not effective?"
Next in thread: Steve Siirila: "Re: Solaris 2.5.1 patch not effective?"
Reply: Steve Siirila: "Re: Solaris 2.5.1 patch not effective?"
Reply: Richard Peters: "Re: Solaris 2.5.1 patch not effective?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:57:12 PDT