TUCoPS :: SunOS/Solaris :: 65.txt

Security problem in Sun3 and Sun4 unix-/bin/wall


**********************************************************************
DDN MGT Bulletin 65              DCA DDN Defense Communications System
08 Aug 89                        Published by: DDN Network Info Center
                                     (NIC@NIC.DDN.MIL)  (800) 235-3155
 
                        DEFENSE  DATA  NETWORK
                         MANAGEMENT  BULLETIN
 
The DDN MANAGEMENT BULLETIN is distributed online by the DDN Network
Information Center under DCA contract as a means of communicating
official policy, procedures and other information of concern to
management personnel at DDN facilities.  Back issues may be read
through the TACNEWS server ("@n" command at the TAC) or may be
obtained by FTP (or Kermit) from the SRI-NIC host [26.0.0.73 or
10.0.0.51] using login="anonymous" and password="guest".  The pathname
for bulletins is DDN-NEWS:DDN-MGT-BULLETIN-nn.TXT (where "nn" is the
bulletin number).
 
**********************************************************************
 
           SECURITY PROBLEM IN SUN3 AND SUN4 UNIX - /BIN/WALL
 
APPLICABLE OPERATING SYSTEM: UNIX 4.0, 4.01, 4.03 running on Sun3 and
                             Sun4 machines.
 
  PROBLEM: A serious security problem has been discovered relating to
           the /bin/wall program as distributed by SUN Microsystems.
           The flaw permits an unpriviledged user to manipulate system
           files by misusing /bin/wall.
 
   STATUS: SUN engineering has fixed the problem and has made the
           patch available.  Please contact Sun's US customer support
           for the security patch.  Versions for both Sun 3 products
           and Sun 4 products are available.
 
           It is also available on uunet.uu.net for anonymous ftp.
 
 CONTACTS: Call your Sun customer support representative to have the
           /bin/wall patch installed.  Refer to this problem by Sun's
           bug number 1021702 or Sun Service Order 340209.  If you
           have difficulty reaching your representative, call the Sun
           Hotline at
 
           (800) USA-4SUN   or (800) 872-4786
 
           Call CERT at (412) 268-7090  for general problem information.
           Call SRI/NIC at 1-800-235-3155 for general information.
 
  NOTE(1): This bulletin represents the best information available
           at this time to fix this problem.  As with any program
           modification, WORK WITH YOUR SUN REPRESENTATIVE TO INSTALL
           THIS PATCH.
 
  NOTE(2): Only those sites which have Sun3 and Sun4 equipment are
           affected.
 


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH