SECURITY: Warning Of Solaris 8 Flaw

The vulnerability allows hackers to get "super user" privileges.

InformationWeek Staff, Contributor

December 12, 2001

1 Min Read
InformationWeek logo in a gray background | InformationWeek

Security vendor Internet Security Systems Inc. is warning users of Sun Microsystems Solaris 8 and earlier versions that a serious vulnerability gives hackers "super user" privileges. According to an alert published by ISS, the vulnerability in the "login" program in Solaris enables attackers to run arbitrary commands on a target system.

ISS recommends that Sun Solaris users disable all default terminal communication services and install Secure Shell. The company says it has learned that hackers possess automated software tools ready to exploit this flaw, which is why it published the security advisory before Sun made a patch available.

Sun wasn't immediately available for comment. According to ISS's alert, Sun is aware of the vulnerability and is testing a fix. Patches may soon be available at www.sunsolve.sun.com/securitypatch.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights