Four Vulnerabilities in the Common Desktop Environment
CIAC INFORMATION BULLETIN
K-001: Four Vulnerabilities in the Common Desktop Environment
(Updates to CERT Advisory CA-99-11)
October 11, 1999 16:00 GMT, Updated December 29, 1999
PROBLEM: Multiple vulnerabilities exist in some distributions of the
Common Desktop Environment (CDE).
PLATFORM: Any system running the Common Desktop Environment (CDE).
DAMAGE: Each vulnerability may allow arbitrary code on a vulnerable
system to be run as root by a local user. The ToolTalk
ttsession vulnerability may also allow arbitrary code to be run
as root by a remote user.
SOLUTION: Apply available vendor patches.
VULNERABILITY
ASSESSMENT: Risk is high. These vulnerabilities have been published on the
            internet. Each vulnerability, independent of the others, can
            lead to a total system compromise.
Appended on December 29, 1999 with additional patch updates from Sun
Microsystems.
[Start CERT Advisory]
CERT Advisory CA-99-11 Four Vulnerabilities in the Common Desktop Environment
Original release date: September 13, 1999
Last revised: October 04, 1999 Updated vendor information for Sun
Microsystems, Inc.
Source: CERT/CC
A complete revision history is at the end of this file.
Systems Affected
* Systems running the Common Desktop Environment (CDE)
I. Description
Multiple vulnerabilities have been identified in some distributions of the
Common Desktop Environment (CDE). These vulnerabilities are different from
those discussed in CA-98.02. We recommend that you install appropriate
vendor patches as soon as possible (see Section III below). Until you can
do so, we encourage you to disable or uninstall vulnerable copies of the
CDE package. Note that disabling these programs will severely affect the
utility of the CDE environment.
At this time, the CERT/CC has not received any reports of these
vulnerabilities being exploited by intruders.
Vulnerability #1: ToolTalk ttsession uses weak RPC authentication mechanism
The ToolTalk messaging server ttsession allows independent applications to
communicate without having direct knowledge of each other. Applications can
communicate through an associated ttsession which delivers messages via RPC
calls between interested agents.
On many systems, ttsession uses AUTH_UNIX authentication (a client-based
security option) by default. When messages are received, ttsession uses
certain environment variables supplied by the client to determine how the
message is handled. Because of this, the ttsession process can be
manipulated to execute unauthorized arbitrary programs with the privileges
of the running ttsession.
Vulnerability #2: CDE dtspcd relies on file-system based authentication
The network daemon dtspcd (a CDE desktop subprocess control program)
accepts CDE requests from clients to execute commands and launch
applications remotely.
When a client makes a request, the dtspcd daemon asks the client to create
a file that has a predictable name so that the daemon can authenticate the
request. If a local user can manipulate the files used for authentication,
then that user can craft arbitrary commands that may run as root.
Vulnerability #3: CDE dtaction buffer overflow
The dtaction utility allows applications or shell scripts that otherwise
are not connected into the CDE development environment, to request that CDE
actions be performed.
A buffer overflow can occur in some implementations of dtaction when a
username argument greater than 1024 bytes is used.
Vulnerability #4: CDE ToolTalk shared library buffer overflow in TT_SESSION
There is a vulnerability in some implementations of the ToolTalk shared
library which allows the TT_SESSION environment variable buffer to
overflow. A setuid root program using a vulnerable ToolTalk library, such
as dtsession, can be exploited to run arbitrary code as root.
II. Impact
Vulnerability #1: ToolTalk ttsession uses weak RPC authentication mechanism
A local or remote user may be able to use this vulnerability to run
commands on a vulnerable system with the same privileges of the attacked
ttsession. For this attack to work, a ttsession must be actively running on
the system attacked. The ttsession daemon is started whenever a user logs
in using the CDE desktop, or upon interaction with CDE at some future
point.
Vulnerability #2: CDE dtspcd relies on file-system based authentication
A vulnerable dtspcd may allow a local user to run arbitrary commands as
root.
Vulnerability #3: CDE dtaction buffer overflow
A local user may be able to exploit this vulnerability to execute arbitrary
code with root privileges.
Vulnerability #4: CDE ToolTalk shared library buffer overflow in TT_SESSION
A local user may be able to exploit this vulnerability to execute arbitrary
code with root privileges.
III. Solution
Install appropriate patches from your vendor
We recommend installing vendor patches as soon as possible and disabling the
vulnerable programs until you can do so (or uninstalling the entire CDE
package if not needed). Note that disabling these programs will severely
affect the utility of the CDE environment.
Appendix A contains information provided by vendors for this advisory. We will
update the appendix as we receive more information. If you do not see your
vendor's name, the CERT/CC did not hear from that vendor. Please contact your
vendor directly.
Appendix A. Vendor Information
Compaq Computer Corporation
Problem #1
CDE ToolTalk session daemon & ToolTalk shared library overflow
This potential security problem has been resolved and a patch for this
problem has been made available for Tru64 UNIX V4.0D, V4.0E, V4.0F and
V5.0.
This patch can be installed on:
V4.0D-F, all patch kits
V5.0, all patch kits
*This solution will be included in a future distributed release of Compaq's
Tru64/ DIGITAL UNIX.
This patch may be obtained from the World Wide Web at the following FTP
address:
http://www.service.digital.com/patches
The patch file name is SSRT0617_ttsession.tar.Z
Problem #2
Compaq's Tru64/DIGITAL UNIX is not vulnerable.
Problem #3
CDE dtaction buffer overflow
This potential security problem has been resolved and a patch for this
problem has been made available for Tru64 UNIX V4.0D, V4.0E and V4.0F.
This patch can be installed on:
V4.0D Patch kit BL11 or BL12
V4.0E Patch kit BL1 or BL12
V4.0F Patch kit BL1
*This solution will be included in a future distributed release of Compaq's
Tru64/ DIGITAL UNIX.
This patch may be obtained from the World Wide Web at the following FTP
address:
http://www.service.digital.com/patches
The patch file name is SSRT0615U_dtaction.tar.Z
Problem #4
CDE ToolTalk shared library overflow
See solution fix described in Problem #1.
Data General
DG/UX is not subject to any of these vulnerabilities.
Fujitsu
Fujitsu's UXP/V operating system is not vulnerable to any of these
vulnerabilities.
Hewlett-Packard Company
HP-9000 Series 700/800 HP-UX releases 10.X and 11.0 systems with CDE
patches previously recommended in HP Security Bulletins are not vulnerable
to vulnerabilities #2, #3, and #4.
All HP-UX 10.X and 11.0 systems running CDE are vulnerable to vulnerability
#1.
[Start Hewlett-Packard Company Update]
Digest Name: Daily Security Bulletins Digest
Created: Mon Sep 20 3:00:03 PDT 1999
Table of Contents:
Document ID Title
--------------- -----------
HPSBUX9909-103 Security Vulnerability in CDE ttsession (Rev.01)
The documents are listed below.
------------------------------------------------------------------------------
Document ID: HPSBUX9909-103
Date Loaded: 19990919
Title: Security Vulnerability in CDE ttsession (Rev.01)
-------------------------------------------------------------------------
**REVISED 01** HEWLETT-PACKARD COMPANY SECURITY BULLETIN: #00103, 14 Sep. 99
Last Revised: 20 Sep. 99
-------------------------------------------------------------------------
The information in the following Security Bulletin should be acted upon
as soon as possible. Hewlett-Packard Company will not be liable for any
consequences to any customer resulting from customer's failure to fully
implement instructions in this Security Bulletin as soon as possible.
-------------------------------------------------------------------------
PROBLEM: ttsession uses weak RPC authentication mechanism
PLATFORM: HP-9000 Series 700/800 HP-UX releases 10.X & 11.00 running CDE.
DAMAGE: Allows remote and local users to execute programs with the
privileges of the running ttsession.
SOLUTION: **REVISED 01**
Install the applicable patch.
AVAILABILITY: The patches for 10.2X and 11.00 are available now.
NOTE: This bulletin will be revised when other patches
are available.
CHANGE SUMMARY: This revision affects only HP-UX release 10.24.
-------------------------------------------------------------------------
I.
A. Background
This problem has been reported in CERT Advisory CA-99-11.
The advisory reports four vulnerabilities:
#1: ToolTalk ttsession uses weak RPC authentication mechanism
#2: CDE dtspcd relies on file-system based authentication
#3: CDE dtaction buffer overflow
#4: CDE ToolTalk shared library buffer overflow in TT_SESSION
With the patches recommended in previous security bulletins
HP-UX releases 10.X and 11.00 are not vulnerable to #2, #3, nor #4.
To avoid vulnerability #1 install the applicable patch below.
B. Fixing the problem - Install the applicable patch:
HP-UX release 10.10 In progress;
HP-UX release 10.20 PHSS_19747;
------->>>> HP-UX release 10.24 PHSS_19819;
HP-UX release 11.00 PHSS_19748.
Note: HP-UX release 10.30 was a development release prior to
the availability of HP-UX release 11.00. HP-UX release
10.30 will not be patched.
C. To subscribe to automatically receive future NEW HP Security
Bulletins from the HP Electronic Support Center via electronic
mail, do the following:
Use your browser to get to the HP Electronic Support Center page
at:
http://us-support.external.hp.com
(for US, Canada, Asia-Pacific, & Latin-America)
http://europe-support.external.hp.com
(for Europe)
Login with your user ID and password (or register for one).
Remember to save the User ID assigned to you, and your password.
Once you are in the Main Menu:
To -subscribe- to future HP Security Bulletins,
click on "Support Information Digests".
To -review- bulletins already released from the main Menu,
click on the "Search Technical Knowledge Database."
Near the bottom of the next page, click on "Browse the HP
Security Bulletin Archive".
Once in the archive there is another link to our current Security
Patch Matrix. Updated daily, this matrix categorizes security
patches by platform/OS release, and by bulletin topic.
The security patch matrix is also available via anonymous ftp:
us-ffs.external.hp.com
~ftp/export/patches/hp-ux_patch_matrix
D. To report new security vulnerabilities, send email to
security-alert@hp.com
Please encrypt any exploit information using the security-alert
PGP key, available from your local key server, or by sending a
message with a -subject- (not body) of 'get key' (no quotes) to
security-alert@hp.com.
Permission is granted for copying and circulating this Bulletin to
Hewlett-Packard (HP) customers (or the Internet community) for the
purpose of alerting them to problems, if and only if, the Bulletin
is not edited or changed in any way, is attributed to HP, and
provided such reproduction and/or distribution is performed for
non-commercial purposes.
Any other use of this information is prohibited. HP is not liable
for any misuse of this information by any third party.
________________________________________________________________________
-----End of Document ID: HPSBUX9909-103--------------------------------------
[End Hewlett-Packard Company Update]
IBM Corporation
All releases of AIX version 4 are vulnerable to vulnerabilities #1, #3, and
#4. AIX is not vulnerable to #2. The following APARs will be available
soon:
AIX 4.1.x: IY03125 IY03847
AIX 4.2.x: IY03105 IY03848
AIX 4.3.x: IY02944 IY03849
Customers that do not require the CDE desktop functionality can disable CDE
by restricting access to the CDE daemons and removing the dt entry from
/etc/inittab. Run the following commands as root to disable CDE:
# /usr/dt/bin/dtconfig -d
# chsubserver -d -v dtspc
# chsubserver -d -v ttdbserver
# chsubserver -d -v cmsd
# chown root.system /usr/dt/bin/*
# chmod 0 /usr/dt/bin/*
For customers that require the CDE desktop functionality, a temporary fix
is available via anonymous ftp from:
ftp://aix.software.ibm.com/aix/efixes/security/cdecert.tar.Z
Filename sum md5
=================================================================
dtaction_4.1 32885 18 82af470bbbd334b240e874ff6745d8ca
dtaction_4.2 52162 18 b10f21abf55afc461882183fbd30e602
dtaction_4.3 56550 19 6bde84b975db2506ab0cbf9906c275ed
libtt.a_4.1 29234 2132 f5d5a59956deb8b1e8b3a14e94507152
libtt.a_4.2 21934 2132 73f32a73873caff06057db17552b8560
libtt.a_4.3 12154 2118 b0d14b9fe4a483333d64d7fd695f084d
ttauth 56348 31 495828ea74ec4c8f012efc2a9e6fa731
ttsession_4.1 19528 337 bfac4a06b90cbccc0cd494a44bd0ebc9
ttsession_4.2 46431 338 05949a483c4e390403055ff6961b0816
ttsession_4.3 54031 339 e1338b3167c7edf899a33520a3adb060
NOTE - This temporary fix has not been fully regression tested. Use the
following steps (as root) to install the temporary fix.
1. Uncompress and extract the fix.
# uncompress < cdecert.tar.Z | tar xf -
# cd cdecert
2. Replace the vulnerable executables with the temporary fix for
your version of AIX.
# (cd /usr/dt/lib && mv libtt.a libtt.a.before_security_fix)
# (cd /usr/dt/bin && mv ttsession ttsession.before_security_fix)
# (cd /usr/dt/bin && mv dtaction dtaction.before_security_fix)
# chown root.system /usr/dt/lib/libtt.a.before_security_fix
# chown root.system /usr/dt/bin/ttsession.before_security_fix
# chown root.system /usr/dt/bin/dtaction.before_security_fix
# chmod 0 /usr/dt/lib/libtt.a.before_security_fix
# chmod 0 /usr/dt/bin/ttsession.before_security_fix
# chmod 0 /usr/dt/bin/dtaction.before_security_fix
(substitute 4.1, 4.2, or 4.3 for <version> below to match your AIX release,
as in the file names in the checksum table above)
# cp ./libtt.a_<version> /usr/dt/lib/libtt.a
# cp ./ttsession_<version> /usr/dt/bin/ttsession
# cp ./dtaction_<version> /usr/dt/bin/dtaction
# cp ./ttauth /usr/dt/bin/ttauth
# chmod 555 /usr/dt/lib/libtt.a
# chmod 555 /usr/dt/bin/ttsession
# chmod 555 /usr/dt/bin/dtaction
# chmod 555 /usr/dt/bin/ttauth
IBM AIX APARs may be ordered using Electronic Fix Distribution (via the
FixDist program), or from the IBM Support Center. For more information on
FixDist, and to obtain fixes via the Internet, please reference
http://techsupport.services.ibm.com/support/rs6000.support/downloads
or send electronic mail to "aixserv@austin.ibm.com" with the word "FixDist"
in the "Subject:" line. To facilitate ease of ordering all security related
APARs for each AIX release, security fixes are periodically bundled into a
cumulative APAR. For more information on these cumulative APARs including
last update and list of individual fixes, send electronic mail to
"aixserv@austin.ibm.com" with the word
"subscribe Security_APARs" in the
"Subject:" line.
Santa Cruz Operation, Inc.
SCO is investigating these vulnerabilities on SCO UnixWare 7. Other SCO
products (OpenServer 5.0.x, UnixWare 2.1.x, Open Server / Open Desktop 3.0
and CMW+) are not vulnerable as CDE is not a component of these releases.
SCO will make patches and status information available at
http://www.sco.com/security.
Silicon Graphics, Inc.
SGI acknowledges the CDE vulnerabilities reported and is currently
investigating. No further information is available at this time. As further
information becomes available, additional advisories will be issued via the
normal SGI security information distribution methods including the wiretap
mailing list.
Until SGI has more definitive information to provide, customers are
encouraged to assume all security vulnerabilities as exploitable and take
appropriate steps according to local site security policies and
requirements.
The SGI Security Headquarters Web page is accessible at the URL
http://www.sgi.com/Support/security/security.html
Sun Microsystems, Inc.
Vulnerability #1:
Systems running Solaris 7, 2.6, and systems running Solaris 2.5.1, 2.5, and
2.4 installed with CDE are vulnerable if the UNIX authentication mechanism
(default) is used. Sun recommends that sites using CDE use DES as the
authentication mechanism. To set the authentication mechanism to DES, use
the ttsession command with the '-a' option and specify 'des' as the
argument (see ttsession(1) for more information). The use of DES
authentication also requires that the system uses Secure NFS, NIS+, or
keylogin. For more information about Secure NFS, NIS+, or keylogin, please
see the System Administration Guide, Volume II. Information is also
available at:
http://docs.sun.com:80/ab2/coll.47.8/SYSADV2/@Ab2PageView/34908?DwebQuery=secure+rpc
Sun is producing patches for this vulnerability that will not require the
use of the DES authentication mechanism.
Vulnerability #2:
The following patches are available:
CDE version   SunOS version                  Patch ID
___________   _____________                  _________
1.3           5.7                            108221-01
1.3_x86       5.7_x86                        108222-01
1.2           5.6                            108199-01
1.2_x86       5.6_x86                        108200-01
1.0.2         5.5.1, 5.5, 5.4                108205-01
1.0.2_x86     5.5.1_x86, 5.5_x86, 5.4_x86    108206-01
1.0.1         5.5, 5.4                       108252-01
1.0.1_x86     5.5_x86, 5.4_x86               108253-01
Vulnerability #3:
The following patches are available:
CDE version   SunOS version   Patch ID
___________   _____________   _________
1.3           5.7             108219-01
1.3_x86       5.7_x86         108220-01
1.2           5.6             108201-01
1.2_x86       5.6_x86         108202-01
Patches for CDE versions 1.0.2 and 1.0.1 are in progress.
Vulnerability #4:
The following patches are available:
SunOS version   Patch ID
_____________   _________
5.7             107893-02
5.7_x86         107894-02
Patches for other supported versions are in progress.
_____________________________________________________________________________
The CERT Coordination Center would like to thank Job de Haas for reporting
these vulnerabilities and working with the vendors to effect fixes. We would
also like to thank Solutions Atlantic for their efforts in coordinating
vendor solutions.
______________________________________________________________________________
This document is available from: http://www.cert.org/advisories/CA-99-11-CDE.html
_____________________________________________________________________________
Revision History
Oct 04, 1999: Updated vendor information for Sun Microsystems, Inc.
Oct 01, 1999: Added vendor information for Data General
Sep 13, 1999: Initial release
[End CERT Advisory]
[ Start Sun Microsystems Advisory ]
________________________________________________________________________________
Sun Microsystems, Inc. Security Bulletin
Bulletin Number: #00192
Date: December 29, 1999
Cross-Ref: CERT CA-99-11
Title: CDE and OpenWindows
________________________________________________________________________________
The information contained in this Security Bulletin is provided "AS IS."
Sun makes no warranties of any kind whatsoever with respect to the information
contained in this Security Bulletin. ALL EXPRESS OR IMPLIED CONDITIONS,
REPRESENTATIONS AND WARRANTIES, INCLUDING ANY WARRANTY OF NON-INFRINGEMENT OR
IMPLIED WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, ARE
HEREBY DISCLAIMED AND EXCLUDED TO THE EXTENT ALLOWED BY APPLICABLE LAW.
IN NO EVENT WILL SUN MICROSYSTEMS, INC. BE LIABLE FOR ANY LOST REVENUE,
PROFIT OR DATA, OR FOR DIRECT, SPECIAL, INDIRECT, CONSEQUENTIAL, INCIDENTAL
OR PUNITIVE DAMAGES HOWEVER CAUSED AND REGARDLESS OF ANY THEORY OF LIABILITY
ARISING OUT OF THE USE OF OR INABILITY TO USE THE INFORMATION CONTAINED IN
THIS SECURITY BULLETIN, EVEN IF SUN MICROSYSTEMS, INC. HAS BEEN ADVISED OF
THE POSSIBILITY OF SUCH DAMAGES.
If any of the above provisions are held to be in violation of applicable law,
void, or unenforceable in any jurisdiction, then such provisions are waived
to the extent necessary for this disclaimer to be otherwise enforceable in
such jurisdiction.
________________________________________________________________________________
1. Bulletin Topics
Sun announces the release of patches for Solaris(tm) 7, 2.6, 2.5.1, 2.5,
2.4, 2.3 (SunOS(tm) 5.7, 5.6, 5.5.1, 5.5, 5.4, 5.3), and SunOS 4.1.4,
and 4.1.3_U1 which relate to various vulnerabilities in CDE and
OpenWindows.
Sun recommends that you install the patches listed in section 4
immediately on systems running SunOS 5.7, 5.6, 5.5.1, 5.5, 5.4, 5.3,
4.1.4, and 4.1.3_U1.
2. Who is Affected
Vulnerable: SunOS 5.7, 5.7_x86, 5.6, 5.6_x86, 5.5.1, 5.5, 5.4, 5.3,
4.1.4, and 4.1.3_U1.
Not vulnerable: All other supported versions of SunOS.
3. Understanding the Vulnerabilities
The following vulnerabilities have been identified.
3.1 ToolTalk ttsession default authentication mechanism insecure
The ToolTalk messaging utility, ttsession, allows independent
applications to communicate without having direct knowledge of
each other. The ttsession daemon is started automatically by
any program that needs to send or receive a ToolTalk message. It uses
AUTH_UNIX authentication by default. A local or remote attacker may
manipulate certain environment variables (which are used by ttsession
to determine how client messages are handled) to execute arbitrary
commands with the privileges of the running ttsession.
3.2 CDE dtspcd relies on file-system based authentication
The CDE desktop subprocess control program (dtspcd) is a network
daemon that accepts requests from clients to execute commands and
launch applications remotely. By manipulating predictable files used
for authentication, a local attacker may exploit this vulnerability
to execute arbitrary commands and gain root access.
3.3 CDE dtaction buffer overflow
The dtaction utility allows applications or shell scripts, which are
otherwise not connected into the CDE user environment, to request
CDE actions be performed. A buffer overflow vulnerability has been
discovered which may be exploited by a local attacker to execute
arbitrary instructions and gain root access.
3.4 CDE ToolTalk shared library buffer overflow in TT_SESSION
A buffer overflow vulnerability has been discovered in the ToolTalk
shared library which may be exploited by a local attacker to execute
arbitrary instructions and gain root access.
4. List of Patches
Patches for vulnerability described in section 3.1
SunOS version      Patch ID
_____________      _________
5.7                107893-04
5.7_x86            107894-04
5.6                105802-11
5.6_x86            105803-13
5.5.1              104489-10
5.5.1_x86          105496-08
5.5                104428-08
5.5_x86            105495-06
5.4                102734-05
                   108636-01 (see Note 1)
5.4_x86            108641-01
                   108637-01 (see Note 1)
5.3                Patch will be available in 2 weeks
4.1.4, 4.1.3_U1    Patch will be available in 2 weeks
Note 1: Install patch if CDE 1.0.2 or 1.0.1 is installed.
Patches for vulnerability described in section 3.2
CDE version   SunOS version                  Patch ID
___________   _____________                  _________
1.3           5.7                            108221-01
1.3_x86       5.7_x86                        108222-01
1.2           5.6                            108199-01
1.2_x86       5.6_x86                        108200-01
1.0.2         5.5.1, 5.5, 5.4                108205-01
1.0.2_x86     5.5.1_x86, 5.5_x86, 5.4_x86    108206-01
1.0.1         5.5, 5.4                       108252-01
1.0.1_x86     5.5_x86, 5.4_x86               108253-01
Patches for vulnerability described in section 3.3
CDE version   SunOS version                  Patch ID
___________   _____________                  _________
1.3           5.7                            108219-01
1.3_x86       5.7_x86                        108220-01
1.2           5.6                            108201-01
1.2_x86       5.6_x86                        108202-01
1.0.2         5.5.1, 5.5, 5.4                108289-02
1.0.2_x86     5.5.1_x86, 5.5_x86, 5.4_x86    108290-03
1.0.1         5.5, 5.4                       108254-01
1.0.1_x86     5.5_x86, 5.4_x86               108255-01
Patches for vulnerability described in section 3.4
SunOS version      Patch ID
_____________      _________
5.7                107893-04
5.7_x86            107894-04
5.6                105802-11
5.6_x86            105803-13
5.5.1              104489-10
5.5.1_x86          105496-08
5.5                104428-08
5.5_x86            105495-06
5.4                102734-05
                   108636-01 (see Note 2)
5.4_x86            108641-01
                   108637-01 (see Note 2)
5.3                101495-04
4.1.4, 4.1.3_U1    100626-10
Note 2: Install patch if CDE 1.0.2 or 1.0.1 is installed.
_______________________________________________________________________________
APPENDICES
A. Patches listed in this bulletin are available to all Sun customers at:
http://sunsolve.sun.com/pub-cgi/show.pl?target=patches/patch-license&nav=pub-patches
B. Checksums for the patches listed in this bulletin are available at:
ftp://sunsolve.sun.com/pub/patches/CHECKSUMS
C. Sun security bulletins are available at:
http://sunsolve.sun.com/pub-cgi/secBulletin.pl
D. Sun Security Coordination Team's PGP key is available at:
http://sunsolve.sun.com/pgpkey.txt
E. To report or inquire about a security problem with Sun software, contact
one or more of the following:
- Your local Sun Solution Center
- Your representative computer security response team, such as CERT
- Sun Security Coordination Team. Send email to:
security-alert@sun.com
F. To receive information or subscribe to our CWS (Customer Warning System)
mailing list, send email to:
security-alert@sun.com
with a subject line (not body) containing one of the following commands:
Command           Information Returned/Action Taken
_______           _________________________________
help              An explanation of how to get information
key               Sun Security Coordination Team's PGP key
list              A list of current security topics
query [topic]     The email is treated as an inquiry and is forwarded to
                  the Security Coordination Team
report [topic]    The email is treated as a security report and is
                  forwarded to the Security Coordination Team. Please
                  encrypt sensitive mail using Sun Security Coordination
                  Team's PGP key
send topic        A short status summary or bulletin. For example, to
                  retrieve a Security Bulletin #00138, supply the
                  following in the subject line (not body):
                      send #138
subscribe         Sender is added to our mailing list. To subscribe,
                  supply the following in the subject line (not body):
                      subscribe cws your-email-address
                  Note that your-email-address should be substituted
                  by your email address.
unsubscribe       Sender is removed from the CWS mailing list.
________________________________________________________________________________
Copyright 1999 Sun Microsystems, Inc. All rights reserved. Sun,
Sun Microsystems, Solaris and SunOS are trademarks or registered trademarks
of Sun Microsystems, Inc. in the United States and other countries. This
Security Bulletin may be reproduced and distributed, provided that this
Security Bulletin is not modified in any way and is attributed to
Sun Microsystems, Inc. and provided that such reproduction and distribution
is performed for non-commercial purposes.
[ End Sun Microsystems Advisory ]
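The following audit script is an added example and is not part of the CIAC, CERT, or vendor text above. It checks the three things an administrator would verify after reading this bulletin: whether dtspcd (vulnerability #2) is still enabled through inetd, whether the Solaris patches from Sun bulletin #00192 section 4 are installed at the required revision (read from `showrev -p` output), and whether the setuid-root CDE binaries named here (dtaction, dtsession) are present. File paths, the `showrev -p` line layout and all sample data are assumptions or constructed for the offline demo.

```shell
#!/bin/sh
# Added example (not the bulletin's own text). Helpers read from files so
# they can be run against captured data; samples below are constructed.

# dtspc_enabled INETD_CONF: true if an uncommented 'dtspc' service line exists.
dtspc_enabled() {
    grep -v '^[[:space:]]*#' "$1" | grep -q '^dtspc[[:space:]]'
}

# patch_installed SHOWREV_FILE BASE-REV: true if the 'showrev -p' output in
# SHOWREV_FILE lists patch BASE at revision >= REV. 107893-04 is satisfied
# by 107893-04 or later but not by the older 107893-02.
patch_installed() {
    base=${2%-*}
    need=${2#*-}
    # Highest installed revision of this base id (empty if not installed).
    have=$(sed -n "s/^Patch: $base-\([0-9][0-9]*\).*/\1/p" "$1" | sort -n | tail -1)
    [ -n "$have" ] && [ "$have" -ge "$need" ]
}

# setuid_cde_binaries DIR: print which of dtaction/dtsession under DIR still
# carry the setuid bit (DIR is normally /usr/dt/bin on a live system).
setuid_cde_binaries() {
    for f in dtaction dtsession; do
        [ -u "$1/$f" ] && echo "$f"
    done
    return 0
}

# make_samples DIR: write constructed sample inputs (not real system output).
make_samples() {
    cat > "$1/inetd.conf.vuln" <<'EOF'
# constructed inetd.conf fragment: dtspcd still enabled
ftp    stream  tcp  nowait  root  /usr/sbin/in.ftpd   in.ftpd
dtspc  stream  tcp  nowait  root  /usr/dt/bin/dtspcd  /usr/dt/bin/dtspcd
EOF
    cat > "$1/inetd.conf.fixed" <<'EOF'
# constructed inetd.conf fragment: dtspcd commented out
ftp    stream  tcp  nowait  root  /usr/sbin/in.ftpd   in.ftpd
#dtspc  stream  tcp  nowait  root  /usr/dt/bin/dtspcd  /usr/dt/bin/dtspcd
EOF
    # constructed 'showrev -p' output: only the older 107893-02 is present
    cat > "$1/showrev.txt" <<'EOF'
Patch: 107893-02 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWtltk
Patch: 108221-01 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWdtdst
EOF
    mkdir -p "$1/bin"
    : > "$1/bin/dtaction";  chmod 4755 "$1/bin/dtaction"   # still setuid
    : > "$1/bin/dtsession"; chmod 755  "$1/bin/dtsession"  # setuid removed
}

# --- demo run over the constructed samples --------------------------------
demo=$(mktemp -d)
make_samples "$demo"
for conf in inetd.conf.vuln inetd.conf.fixed; do
    if dtspc_enabled "$demo/$conf"; then
        echo "$conf: dtspcd ENABLED (vulnerability #2 exposure)"
    else
        echo "$conf: dtspcd disabled"
    fi
done
# Sun bulletin #00192 section 4: 107893-04 (3.1 and 3.4), 108221-01 (3.2)
for p in 107893-04 108221-01; do
    if patch_installed "$demo/showrev.txt" "$p"; then
        echo "patch $p: installed"
    else
        echo "patch $p: MISSING or below required revision"
    fi
done
echo "setuid CDE binaries: $(setuid_cde_binaries "$demo/bin" | tr '\n' ' ')"
rm -rf "$demo"
```

On a live Solaris host the same helpers apply to /etc/inetd.conf, a file holding `showrev -p` output, and /usr/dt/bin; the AIX procedure above (chsubserver -d -v dtspc, chmod 0 /usr/dt/bin/*) is what the enabled or setuid findings would lead to if CDE is not needed.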
CIAC wishes to acknowledge the contributions of CERT Coordination Center,
Hewlett-Packard Company, and Sun Microsystems for the information contained in
this bulletin.
CIAC services are available to DOE, DOE Contractors, and the NIH. CIAC
can be contacted at:
Voice: +1 925-422-8193 (7 x 24)
FAX: +1 925-423-8002
STU-III: +1 925-423-2604
E-mail: ciac@llnl.gov
World Wide Web: http://www.ciac.org/
http://ciac.llnl.gov
(same machine -- either one will work)
Anonymous FTP: ftp.ciac.org
ciac.llnl.gov
(same machine -- either one will work)
This document was prepared as an account of work sponsored by an
agency of the United States Government. Neither the United States
Government nor the University of California nor any of their
employees, makes any warranty, express or implied, or assumes any
legal liability or responsibility for the accuracy, completeness, or
usefulness of any information, apparatus, product, or process
disclosed, or represents that its use would not infringe privately
owned rights. Reference herein to any specific commercial products,
process, or service by trade name, trademark, manufacturer, or
otherwise, does not necessarily constitute or imply its endorsement,
recommendation or favoring by the United States Government or the
University of California. The views and opinions of authors expressed
herein do not necessarily state or reflect those of the United States
Government or the University of California, and shall not be used for
advertising or product endorsement purposes.
UCRL-MI-119788