On Sun, 23 Apr 2017, Edmond Orignac wrote:
> The Register mentions that a vulnerability against a local attacker
> has been patched in "Common Desktop Environment on Solaris 10 that is
> exploited by the NSA's now-public EXTREMEPARR tool to seize control of
> vulnerable machines" (CVE-2017-3622)
>
> https://www.theregister.co.uk/2017/04/19/oracle_april_security_patches_nsa/
>
> according to
> http://securityaffairs.co/wordpress/57951/hacking/shadow-brokers-solaris-exploits.html
> dtappgather is targeted by the exploit.
> Is the LGPL CDE also vulnerable ? I haven't seen any mention of that
> exploit used against HP-UX or AIX, but I may simply have not been paying
> attention.
>
>
> Searching for information on the web, I noticed that on GitHub, somebody
> has posted an exploit abusing 'ttsession'.
>
> https://github.com/x0rz/EQGRP/blob/master/Linux/bin/violetspirit.README
>
> This could be related to the weak authentication of ttsession mentioned
> in http://www.cert.org/historical/advisories/CA-1999-11.cfm
>
It's difficult to tell whether these might affect our CDE. I did test
the ttsession exploits, they failed. I think these might be do to
errors in the Solaris implementation of RPC/XDR that linux does not
have. We also do not run rpc.ttdbserverd or rpc.cmsd by default, and
I'd encourage us not to :)
But the CVE numbers mentioned are reserved - meaning the numbers have been
reserved, but no information is associated with them yet.
If anyone wnats to have a go at seeing what these actually exploit (in
some cases hard since only binaries are provided), please do so.
But at least from my perspective, I haven't been able to get any of
the mentioned exploits to work. They run, but do not successfully
exploit any bugs.
--
Jon Trulson
"But when I'm in command, every mission's a suicide mission."
- Zapp Brannigan
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
cdesktopenv-devel mailing list
cdesktopenv-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cdesktopenv-devel
