Sun(sm) Alert Notification
1. Impact
A local or remote user may be able to cause a denial of service, or possibly execute arbitrary code or commands with the privileges of the xfs(1) X font server. The X font server runs as user "nobody". This issue is described at: http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21541. Sun acknowledges, with thanks, ISS X-Force for bringing this issue to our attention.
2. Contributing Factors
This issue can occur in the following releases:
SPARC
Intel
3. Symptoms
There are no reliable symptoms that would show the described issue has been exploited, other than the X font server exiting unexpectedly. The X font server is automatically restarted by "inetd" when the next request for a font is received; there may be a delay of a few seconds while the new font server starts. If a malicious user continually attacks the X font server, any user (local or remote) relying on it will experience their X Window System freezing.
4. Relief/Workaround
The X font server can be disabled by commenting out (with "#") the "fs" line in the /etc/inetd.conf file, so that it reads:

    # fs      stream  tcp     wait    nobody  /usr/openwin/lib/fs.auto        fs

Then have the inetd(1M) process reread the newly modified /etc/inetd.conf file by sending it a hangup signal, SIGHUP, as the root user:

    # ps -ef | grep inetd
    # kill -HUP <PID of inetd from above ps output>

This workaround will cause font server operations for X terminals and remote X sessions to fail.
5. Resolution
This issue is addressed in the following releases:
SPARC
Intel
Note: Solaris 2.5.1 requires an upgrade to a later release with the appropriate patch.
Change History
20-Dec-2002:
This Sun Alert notification is being provided to you on an "AS IS" basis. This Sun Alert notification may contain information provided by third parties. The issues described in this Sun Alert notification may or may not impact your system(s). Sun makes no representations, warranties, or guarantees as to the information contained herein. ANY AND ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT, ARE HEREBY DISCLAIMED. BY ACCESSING THIS DOCUMENT YOU ACKNOWLEDGE THAT SUN SHALL IN NO EVENT BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES THAT ARISE OUT OF YOUR USE OR FAILURE TO USE THE INFORMATION CONTAINED HEREIN. This Sun Alert notification contains Sun proprietary and confidential information. It is being provided to you pursuant to the provisions of your agreement to purchase services from Sun, or, if you do not have such an agreement, the Sun.com Terms of Use. This Sun Alert notification may only be used for the purposes contemplated by these agreements. Copyright 2001, 2002 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, CA 95054 U.S.A. All rights reserved.