Note: This is an archival copy of Security Sun Alert 200325 as previously published on http://sunsolve.sun.com.
The latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000241.1.
Solaris 9 Operating System
Solaris 7 Operating System
Solaris 8 Operating System
Date of Resolved Release
A security vulnerability in the in.rwhod(1M) daemon may allow a remote privileged user to execute arbitrary code with "root" privileges when the in.rwhod(1M) daemon is enabled on the system.
Note: in.rwhod(1M) is not enabled by default.
This issue can occur in the following releases:
A system is only vulnerable to this issue if the in.rwhod(1M) daemon is enabled. This can be determined by using the pgrep(1) command, which will only generate output if the daemon is enabled, as in the following example:
$ pgrep -lf in.rwhod
17157 /usr/sbin/in.rwhod -m
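Because the -f option matches against the full argument string, the pgrep(1) check above can also list unrelated processes whose command line merely mentions in.rwhod. The following added example (not part of the original Sun Alert; it assumes a POSIX shell such as ksh, and the sample lines are constructed) keeps only entries whose executable is in.rwhod:

```shell
#!/bin/sh
# Added example: reduce `pgrep -lf in.rwhod` output to real in.rwhod daemons.
# -f matches the whole argument string, so commands that only mention
# "in.rwhod" (an editor, a grep) show up in the raw output as well.

# rwhod_pids: read "PID command args..." lines on stdin and print the PIDs
# whose executable basename is exactly in.rwhod.
rwhod_pids() {
    while read -r pid cmd _rest; do
        case "$pid" in
            ''|*[!0-9]*) continue ;;    # skip blank or malformed lines
        esac
        [ "${cmd##*/}" = "in.rwhod" ] && echo "$pid"
    done
    return 0
}

# rwhod_enabled: exit 0 if stdin lists at least one real in.rwhod process.
rwhod_enabled() {
    [ -n "$(rwhod_pids)" ]
}

# Constructed sample output (not from a real system). The first line mirrors
# the advisory's example; the other two are false positives caused by -f.
SAMPLE='17157 /usr/sbin/in.rwhod -m
17201 vi /tmp/in.rwhod.notes
17230 grep in.rwhod /var/adm/messages'

# Demonstration on the constructed sample: prints only 17157.
printf '%s\n' "$SAMPLE" | rwhod_pids

# Live use on a host (assumption: pgrep is on PATH):
#   pgrep -lf in.rwhod | rwhod_pids
```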
There are no predictable symptoms that would indicate the described issue has occurred.
To work around the described issue, in.rwhod(1M) can be disabled by running the following command:
# pkill in.rwhod
This issue is addressed in the following releases: