CERT-In Vulnerability Note CIVN-2008-122
Vulnerability in the Solaris snoop utility
Original Issue Date:
August 13, 2008
Severity Rating:
High
System Affected
- Solaris 8
- Solaris 9
- Solaris 10
Overview
Vulnerability has been reported in Solaris snoop utility that may allow remote user to execute arbitrary commands as the user nobody at the time of displaying SMB traffic.
Description
Snoop (software), a utility on Solaris to capture and inspect network packets, while Server Message Block (SMB) traffic is an application-level network protocol typically used for file and print sharing.
A vulnerability has been reported in Sun Solaris, snoop utility, which can be exploited by malicious people from remote place to compromise a user's system. If "snoop" is invoked as "root", the effective user is changed to "nobody". This is caused due to an unspecified error in the snoop utility related to displaying SMB traffic. And the vulnerability can be exploited to execute arbitrary commands when a specially crafted packet is captured or read via the "-i" option. Successful exploitation requires that "snoop" is used without the "-o" command line option.
Solutions
Apply appropriate patches as suggested by vendor
- SPARC Platform
- Solaris 8 with patch 108964-11
- Solaris 9 with patch 112915-05
- Solaris 10 with patch 138083-01
- x86 Platform
- Solaris 8 with patch 108965-11
- Solaris 9 with patch 114262-04
- Solaris 10 with patch 138084-01
Vendor Information
SUN
http://sunsolve.sun.com/search/document.do?
assetkey=1-66-240101-1
References
SUN
http://sunsolve.sun.com/search/document.do?
assetkey=1-66-240101-1
Secunia
http://secunia.com/advisories/31386/
FrSIRT
http://www.frsirt.com/english/advisories/2008/2311
SecurityFocus
http://www.securityfocus.com/bid/30556
CVE Name
CVE-2008-0964
CVE-2008-0965 Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
|
