IoT
News
News
11/27/2002
11:27 AM
50%
50%

Sun Solaris Security Hole Leaves Users Vulnerable

Problem in how operating system handles fonts could let an attacker take over a machine.

A vulnerability in how Sun Solaris handles fonts leaves systems susceptible to takeover by an attacker, according to a security bulletin.

The vulnerability comes from Sun's implementation of the X Windows Font Service, which serves font files to clients and runs by default on all versions of Solaris, according to an advisory issued by the CERT Coordination Center at Carnegie Mellon University.

Sun is working on a software update; CERT advises users to disable XFS unless it's specifically required, and configure firewalls to block access to port 7100/TCP. But CERT said that move won't block attacks launched from within the network perimeter.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of July 17, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.