Segurança na Internet

CERT Advisory - March 17, 1994
SunOS /usr/ucb/rdist Vulnerability

I. Description

A security vulnerability exists in /usr/ucb/rdist that can be used to gain unauthorized privileges. Under some circumstances /usr/ucb/rdist can be used to create setuid root programs.

II. Impact

This vulnerability allows a local user to gain root access.

III. Solutions

A. If rdist is not being used, change the permissions on the file : # chmod 700 /usr/ucb/rdist
B. Obtain and install the appropriate patches according to the instructions included with the patches.

        Module           Patch ID        Filename
        rdist            100383-06       100383-06.tar.Z

CERT Advisory - March 17, 1994SunOS /usr/ucb/rdist Vulnerability

I. Description

II. Impact

III. Solutions

CERT Advisory - March 17, 1994
SunOS /usr/ucb/rdist Vulnerability