Solaris bug gives hackers free rein

LONDON--Researchers have discovered a bug that could give hackers unlimited access to any
machine running Sun's Unix operating system, Solaris. The bug, discovered by security
consultancy ISS X-Force, affects a utility designed to give remote users access to a local printer.
The line printer daemon (in.lpd), as it is called, contains a flaw in the "transfer job" routine that
could allow hackers to overflow an unchecked buffer, a common means of gaining unauthorized
access to a computer. Hackers could exploit the flaw to crash the printer daemon or execute
malicious code with system administrator privileges, according to X-Force. The printer software is
installed by default on all Solaris systems.

Sun says it is working on a fix, which will be available next month, and X-Force recommends the
software be turned off until the patch is available. Solaris runs on Sun Microsystems and Intel
hardware, and is the dominant operating system for high-end Internet servers.
CNet.