Hi Alfred,
>
>The exploit has been sent to Sun and is currently under inspection. When
>it is publicly available it will be posted to Bugtraq and to the
>SecurityFocus.com Vuldb.
true, but not via the proper channels until recently :-(
> If someone else posts this vulnerability to the
>list, we will of course allow it.
:-) ;^}
>
> Workaround:
>
> Unless you require sadmin (if you're using the Solstice AdminSuite you do)
>we suggest you comment sadmind out from your /etc/inetd.conf entry.
>
> By default, the line in /etc/inetd.conf that starts sadmind appears as
>follows:
>
> 100232/10 tli rpc/udp wait root /usr/sbin/sadmind sadmind
>
> If you do require this service we suggest you block all access to it from
>external networks via filtering rulesets on your router(s) or Firewall(s).
>
>
You missed a couple other things that will help. Tcp_wrappers on the service,
running 'sadmind -S2' and setting the stack to "noexec_user_stack = 1"
via /etc/system (from the titan module that does this):
* Don't allow executing code on the stack
set noexec_user_stack = 1
* And log it when it happens.
set noexec_user_stack_log = 1
set nfssrv:nfs_portmon = 1
============================================================================
Brad Powell : [EMAIL PROTECTED] (WORK: [EMAIL PROTECTED])
Sr. Network Security Architect Sun Microsystems Inc.
============================================================================
The views expressed are those of the author and may not reflect the views
of Sun Microsystems Inc.
============================================================================
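
The workaround and the extra settings suggested in this thread can be checked with a short script. This is an added example, not part of the original messages: it reports whether sadmind is still enabled in an inetd.conf, whether it is started with -S2, and whether the two stack settings are active in /etc/system. The function names and the sample files are assumptions made for the illustration.

```shell
# Added example (not from the thread): audit a host for the mitigations discussed above.
# Usage: sh audit.sh /etc/inetd.conf /etc/system  (no arguments: constructed samples)

# sadmind_status FILE -> disabled (no uncommented entry) | hardened (-S2) | weak
sadmind_status() {
    line=$(awk '!/^[ \t]*#/ && /sadmind/ { print; exit }' "$1")
    if [ -z "$line" ]; then
        echo disabled
    elif printf '%s\n' "$line" | grep -Eq -- '-S[[:space:]]*2([[:space:]]|$)'; then
        echo hardened
    else
        echo weak
    fi
}

# system_setting FILE NAME -> value of the last active "set NAME = VALUE" line.
# /etc/system treats a line starting with '*' as a comment, so those are skipped.
system_setting() {
    awk -v name="$2" '
        /^[ \t]*\*/ { next }
        $1 == "set" {
            line = $0
            sub(/^[ \t]*set[ \t]+/, "", line)
            gsub(/[ \t]/, "", line)
            n = index(line, "=")
            if (n && substr(line, 1, n - 1) == name) val = substr(line, n + 1)
        }
        END { if (val != "") print val }
    ' "$1"
}

audit() {
    echo "sadmind: $(sadmind_status "$1")"
    for s in noexec_user_stack noexec_user_stack_log; do
        v=$(system_setting "$2" "$s")
        echo "$s: ${v:-not set}"
    done
}

if [ "$#" -eq 2 ]; then
    audit "$1" "$2"
else
    # Constructed sample files, so the script can be tried off-host.
    tmp=$(mktemp -d)
    echo '100232/10 tli rpc/udp wait root /usr/sbin/sadmind sadmind' > "$tmp/inetd.conf"
    printf '%s\n' '*set noexec_user_stack = 1' 'set noexec_user_stack_log = 1' > "$tmp/system"
    audit "$tmp/inetd.conf" "$tmp/system"
    rm -rf "$tmp"
fi
```

On the constructed samples the script reports sadmind as weak and noexec_user_stack as not set, because the default entry has no -S2 and the starred line is a comment.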