I have two reports from other UC campuses that exploits of the Solaris ufsrestore bug are being used against *sparc* hosts. At least one of the sites reports that patch 104490-05 (Solaris 2.5.1, sparc arch) was applied on a system that was compromised (presumably via this method). Consider this an *inconclusive* warning that the Sun ufsrestore patch *may* not be effective. I have a call into Sun on this one. If we can get the binary of the exploit, it might be interesting. [The reporting sites are BCC'ed on this note. If they want to go public, its up to them.] --tep -- Tom E. Perrine (tepat_private) | San Diego Supercomputer Center http://www.sdsc.edu/~tep/ | Voice: +1.619.534.5000 Been there, done that, erased the evidence, blackmailed the witnesses...
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:57:12 PDT