New Vulnerabilities Flare in Sun Solaris

Sun and other researchers report the discovery of new flaws in the Sun operating system

2 Min Read
Dark Reading logo in a gray background | Dark Reading

Note to Sun Solaris users: Do you know who's been in your directory?

Two new vulnerabilities have been discovered in Sun Solaris since last Wednesday that could enable unauthorized users to play in the operating system's directory.

Last Thursday, Sun quietly published an alert that a flaw in the Solaris 9 in.ftpd server may allow unprivileged users access to directories outside of their home directory or to log in with their home directory set to "/". Sun offered a workaround to disable the affected application process, but a final patch has not yet been developed.

Sun's reported vulnerability applies only to Solaris 9 -- Solaris 8 and 10 are not affected. But on the day before Sun issued its alert, the U.S. Department of Energy's Computer Incident Advisory Capability (CIAC) reported a flaw in directory security that applies to all three versions of the Sun OS.

The CIAC report states that a user might be able to gain unauthorized administrative access to Sun's Java System Directory Server 5.2 by simply logging in to the Directory Server console. The problem is considered to be low danger, because it can be quickly resolved by quickly changing administrative passwords on the directory server.

Experts say the vulnerabilities shouldn't be taken lightly, especially because Solaris is often seen as a "safe" OS and is frequently used in financial and other mission-critical systems. "This showcases that even the most secure platforms have exposures -- and often, it takes some time to discover them," says Rob Enderle, principal analyst at Enderle Group, an IT consultancy.

Sun also is taking a chance by issuing an alert on a vulnerability that hasn't yet been permanently patched, Enderle observes. An alert such as Sun's "makes it a race between those who need to correct the problem and those who want to take advantage of it. Firms like Sun have no real choice right now but to disclose problems in this way, but, in the future, we need a better way to do the notification so that it doesn't become a catalyst for successful exploits."

The directory vulnerabilities aren't the only flaws that have been discovered in Solaris this month. On May 9, the Australian Computer Emergency Response Team reported that a problem in the "libike" library of Solaris 9 and Solaris 10 could allow a remote user to make a denial-of-service attack on Sun servers by crashing the in.iked daemon. Sun released patches for both operating systems to close the hole.

— Tim Wilson, Site Editor, Dark Reading

Organizations mentioned in this story

About the Author

Tim Wilson, Editor in Chief, Dark Reading

Contributor

Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one of the top cyber security journalists in the US in voting among his peers, conducted by the SANS Institute. In 2011 he was named one of the 50 Most Powerful Voices in Security by SYS-CON Media.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights