COMMAND

    snmpdx format string vulnerability and mibiisa buffer overflow

SYSTEMS AFFECTED

    SunOS 5.8, 5.8_x86, 5.7, 5.7_x86, 5.6, 5.6_x86

PROBLEM

    Sun Microsystems, Inc. Security Bulletin #00219
    [http://sunsolve.sun.com/security] describes two vulnerabilities.
    The Sun Solstice Enterprise Master Agent, snmpdx, has a bug found by
    Entercept's Ricochet [http://www.entercept.com/dr/snmp/]. mibiisa,
    which receives SNMP packets from snmpdx, is vulnerable to a buffer
    overflow.

    An unchecked buffer in a component of Sun's Solaris Operating System
    can be overrun and remotely exploited, allowing an attacker to
    execute arbitrary code with root privileges. A format string
    vulnerability in the same component can cause the same damage. Both
    vulnerabilities exist in the SNMP components snmpdx and mibiisa,
    which are installed by default with the Solaris Operating System.
    Exploiting them would give an attacker complete control of the
    attacked server.

SOLUTION

    Apply patches.

        SunOS 5.8        108869-16
        SunOS 5.8_x86    108870-16
        SunOS 5.7        107709-19
        SunOS 5.7_x86    107710-19
        SunOS 5.6        106787-18
        SunOS 5.6_x86    106872-18

    http://sunsolve.sun.com/securitypatch
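
    One way to verify the patch level on a host, as an added example that is not part of the original advisory: the script reads `showrev -p` output and compares the installed revision with the table above. The function names and the sample input are constructed for illustration; it assumes `uname -p` reports `sparc` or `i386`.

```shell
#!/bin/sh
# Added example: patch-level check for the snmpdx/mibiisa fixes listed above.

# Minimum fixed revision per release/architecture, copied from the advisory.
# $1 = `uname -r` value (5.6, 5.7, 5.8); $2 = `uname -p` value (sparc, i386).
required_patch() {
    case "$1/$2" in
        5.8/sparc) echo 108869-16 ;;
        5.8/i386)  echo 108870-16 ;;
        5.7/sparc) echo 107709-19 ;;
        5.7/i386)  echo 107710-19 ;;
        5.6/sparc) echo 106787-18 ;;
        5.6/i386)  echo 106872-18 ;;
        *) return 1 ;;
    esac
}

# Reads `showrev -p` output on stdin and prints PATCHED, VULNERABLE or
# NOT_LISTED (release/architecture not covered by the advisory).
check_snmp_patch() {
    req=$(required_patch "$1" "$2") || { echo NOT_LISTED; return 0; }
    base=${req%-*}   # patch ID, e.g. 108869
    min=${req#*-}    # minimum fixed revision, e.g. 16
    # Highest installed revision of that patch ID; 0 if it is absent.
    have=$(awk -v b="$base" '
        $1 == "Patch:" {
            split($2, p, "-")
            if (p[1] == b && p[2] + 0 > max) max = p[2] + 0
        }
        END { print max + 0 }')
    if [ "$have" -ge "$min" ]; then echo PATCHED; else echo VULNERABLE; fi
}

# Constructed sample of `showrev -p` output (placeholder package names).
SAMPLE='Patch: 999999-01 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWexample
Patch: 108869-09 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWexample
Patch: 108869-12 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWexample'

printf '%s\n' "$SAMPLE" | check_snmp_patch 5.8 sparc   # VULNERABLE

# On a live host: showrev -p | check_snmp_patch "$(uname -r)" "$(uname -p)"
```

    A host with no revision of the listed patch installed is reported as VULNERABLE, since snmpdx and mibiisa are installed by default.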