Security News > 2001 > December > Security hole leaves some Unix servers wide open

http://www.nandotimes.com/technology/story/194719p-1890210c.html By MATTHEW FORDAHL, Associated Press SAN JOSE, Calif. (December 14, 2001 6:34 p.m. EST) - A recently uncovered security hole could give Internet hackers full access to Unix servers from IBM Corp. and Sun Microsystems Inc., experts said. Though no major breaches have been reported so far, the flaw could be used in worms that automatically seek out and infect vulnerable systems, said Dan Ingevaldson of Internet Security Systems. "The worst-case scenario would be some kind of worm that had advanced scanning logic like Nimda and Code Red," he said, referring to damaging worms that affected Microsoft-based computers earlier this year. ISS discovered the vulnerability in October, but didn't publicize it until after vendors were notified and could develop fixes. The problem stems from a flaw in the operating system's login program, which grants access by usernames and passwords. Because the program is used by remote-access software, the flaw can be exploited by people who do not have direct access to the system, according to an alert by the Computer Emergency Response Team. In some cases, the highest level of access could be granted. Patches are now available to fix machines that are running Sun Solaris and IBM AIX operating systems, Ingevaldson said. Other major Unix-based operating systems - including Mac OS X, Hewlett-Packard's HP-UX and Compaq's Tru64 - are not affected, CERT said. High-end Unix servers are used to run the largest Web sites as well as databases in business, government and academic environments. - ISN is currently hosted by Attrition.org To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.

News URL

http://www.nandotimes.com/technology/story/194719p-1890210c.html