Note: This is an archival copy of Security Sun Alert 200581 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000443.1.
Sun Net Connect 3.2 Services
Date of Resolved Release
A format string security vulnerability in the Sun Remote Services (SRS) Net Connect Software may allow an unprivileged local user to execute arbitrary code with root privileges.
Sun acknowledges with thanks, Sean Larsson of iDefense Labs (http://www.idefense.com) for bringing this issue to our attention.
This issue is also described in the following document:
This issue can occur in the following releases:
1. The SRS Net Connect software only runs on the SPARC platform; therefore the x86 platform is not affected by this issue.
2. This issue only occurs on systems which have installed the Sun Remote Services (SRS) Net Connect software. The SRS Net Connect software is not bundled with Solaris but is available for download at:
3. To determine the version of the SRS Net Connect software installed on the system, the filename of the SRS Net Connect Uninstall script can be examined by running the following command:
$ ls -l /opt/SUNWsrspx/bin/Uninstall* -r-xr----- 1 root root 6422 Mar 16 19:34 /opt/SUNWsrspx/bin/UninstallNetConnect.003.002.004.sh
The example above shows SRS Net Connect version 3.2.4 is installed on the system.
There are no predictable symptoms that would indicate the described issue has been exploited.
There is no workaround for this issue. Please see the Resolution section below.
This issue is addressed in the following releases:
This solution has no attachment