SECURITY: Warning Of Solaris 8 Flaw
The vulnerability allows hackers to get "super user" privileges.
Security vendor Internet Security Systems Inc. is warning users of Sun Microsystems Solaris 8 and earlier versions that a serious vulnerability gives hackers "super user" privileges. According to an alert published by ISS, the vulnerability in the "login" program in Solaris enables attackers to run arbitrary commands on a target system.
ISS recommends that Sun Solaris users disable all default terminal communication services and install Secure Shell. The company says it has learned that hackers possess automated software tools ready to exploit this flaw, which is why it published the security advisory before Sun made a patch available.
Sun wasn't immediately available for comment. According to ISS's alert, Sun is aware of the vulnerability and is testing a fix. Patches may soon be available at www.sunsolve.sun.com/securitypatch.
About the Author
You May Also Like