SecurityTracker.com
Category:   OS (UNIX)  >   Rpc
Vendors:   Sun
Sun Solaris RPC AUTH_DES Bug May Give Remote Users Root Access
SecurityTracker Alert ID:  1005934
SecurityTracker URL:  http://securitytracker.com/id/1005934
CVE Reference:   CVE-2002-1584
Updated:  Jun 14 2008
Original Entry Date:  Jan 17 2003
Impact:   Root access via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Solaris 2.5.1, 2.6, 7
Description:   A vulnerability was reported in Sun Solaris in the processing of RPC requests using AUTH_DES authentication. A remote user may be able to obtain root access on the system.

It is reported that a remote user may be able to gain access to the system because of a vulnerability in the processing of certain RPC requests involving AUTH_DES authentication. According to Sun, RPC AUTH_DES credentials may remain on the stack in certain cases.

It may be possible for the user to obtain root privileges in some cases.

Impact:   A remote user may be able to obtain access to the system, potentially including root level access.
Solution:   Sun has released the following patches:

SPARC

* Solaris 2.5.1 with patch 103640-41 or later
* Solaris 2.6 with patches 105401-38 and 105564-05 or later
* Solaris 7 with patch 106942-21 or later

Intel

* Solaris 2.5.1 with patch 103641-41 or later
* Solaris 2.6 with patches 105402-38 and 105565-05 or later
* Solaris 7 with patch 106943-21 or later

Vendor URL:  sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F46944
Cause:   Authentication error, State error
Underlying OS:  UNIX (Solaris - SunOS)

Message History:   None.
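
The following is an added example, not part of the original advisory or Sun's alert: a check of saved `showrev -p` output against the patch levels listed under Solution above. It assumes `uname -r` reports 5.5.1, 5.6 and 5.7 for Solaris 2.5.1, 2.6 and 7, that `showrev -p` prints one `Patch: ... Obsoletes: ...` line per patch, and that a listed patch obsoleted by an installed patch counts as applied; the function names and sample lines are constructed.

```python
import re

# Minimum revisions from the patch lists above, keyed by (uname -r, uname -p).
# Assumption: Solaris 2.5.1 / 2.6 / 7 report SunOS 5.5.1 / 5.6 / 5.7.
REQUIRED = {
    ("5.5.1", "sparc"): {"103640": 41},
    ("5.6", "sparc"): {"105401": 38, "105564": 5},
    ("5.7", "sparc"): {"106942": 21},
    ("5.5.1", "i386"): {"103641": 41},
    ("5.6", "i386"): {"105402": 38, "105565": 5},
    ("5.7", "i386"): {"106943": 21},
}

PATCH_ID = re.compile(r"\b(\d{6})-(\d{2})\b")
LATER_FIELDS = re.compile(r"\b(?:Requires|Incompatibles|Packages):")


def covered_revisions(showrev_output):
    """Map patch base -> highest revision installed or obsoleted by an installed patch."""
    covered = {}
    for line in showrev_output.splitlines():
        if not line.startswith("Patch:"):
            continue
        # Keep "Patch: <id> Obsoletes: <ids>"; a "Requires:" entry proves nothing.
        head = LATER_FIELDS.split(line, maxsplit=1)[0]
        for base, rev in PATCH_ID.findall(head):
            covered[base] = max(covered.get(base, 0), int(rev))
    return covered


def missing_patches(release, arch, showrev_output):
    """Return advisory patches not yet at the required revision, or None if
    the release/architecture pair is not in the advisory's affected list."""
    required = REQUIRED.get((release, arch))
    if required is None:
        return None
    have = covered_revisions(showrev_output)
    return [f"{base}-{rev:02d}" for base, rev in sorted(required.items())
            if have.get(base, 0) < rev]


# Constructed sample output for a Solaris 2.6 SPARC host (not from a real system).
SAMPLE = """\
Patch: 105401-38 Obsoletes: 999998-01 Requires: 105564-05 Incompatibles:  Packages: SUNWcsu
Patch: 105564-04 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWcsu
"""

if __name__ == "__main__":
    print(missing_patches("5.6", "sparc", SAMPLE))
```

An empty list means every patch listed for that release is at or above the stated revision; `None` means the release is not one the advisory lists as affected.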


 Source Message Contents

Subject:  Sun Alert 46944 (RPC AUTH_DES)


http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F46944

Sun reported that a local or remote user may be able to gain access to the system because of a
vulnerability in the processing of certain RPC requests involving AUTH_DES authentication.  It may
be possible for the user to obtain root privileges in some cases.

It is reported that RPC AUTH_DES credentials may stay on stack.  No further details were provided.

Solaris 2.5.1, 2.6, and 7 are affected.  Sun indicates that Solaris 8 and Solaris 9 are not
affected.

Sun has issued the following patches to correct the problem:

SPARC

    * Solaris 2.5.1 with patch 103640-41 or later
    * Solaris 2.6 with patches 105401-38 and 105564-05 or later
    * Solaris 7 with patch 106942-21 or later

Intel

    * Solaris 2.5.1 with patch 103641-41 or later
    * Solaris 2.6 with patches 105402-38 and 105565-05 or later
    * Solaris 7 with patch 106943-21 or later


-----

    * Sun Alert ID: 46944
    * Synopsis: RPC Requests Involving AUTH_DES Authentication may Allow a User to Gain Elevated Privileges
    * Category: Security
    * Product: Solaris
    * BugIDs: 4240833
    * Avoidance: Patch
    * State: Resolved
    * Date Released: 23-Dec-2002
    * Date Closed: 23-Dec-2002
    * Date Modified:


 
 

