[prev in list] [next in list] [prev in thread] [next in thread] 

List:       focus-sun
Subject:    Re: Sun Security and Patches (was: Free or Low Cost Firewalls)
From:       Ryan Russell <ryan () SECURITYFOCUS ! COM>
Date:       2000-04-07 18:17:45
[Download RAW message or body]

On Fri, 7 Apr 2000, Bennett Todd wrote:

> The only places that Sun patches could help improve my security
> would be if there were remotely exploitable weaknesses in Sun's IP
> stack, and the last one I recall was the easily-exhausted half-open
> TCP connection queue, making boxes vulnerable to SYN flooding.
> Correct me if I'm wrong, but I don't remember Sun offering a patch
> for that; they recommended kernel config changes instead.
>

There was some sort of Mutex problem on Solaris that nmap exposed:
http://www.securityfocus.com/vdb/bottom.html?vid=655

I also recall something about making inetd fall over or go unresponsive
temporarily.  You might be using something different, or don't need it.

I've seen many old SunOS machines fall over due to malformed pacets and
frames, but if you're assuming some reasonable recent minimum version of
Solaris (say >=2.6) that doesn't really count.

AFAIK, they're all in the DoS category.

Beyond that, if you don't use any of the Sun network services, and don't
rely too heavily on local progs with bugs to runs scripts and so on
(snoop, mail, etc..) then you're probably OK.

					Ryan

[prev in list] [next in list] [prev in thread] [next in thread]