Font flaw foils Solaris security

27 Nov 2002 08:53


The vulnerability could give hackers and online vandals the ability to take control of Solaris-based systems. It affects every version of the operating system from Solaris 2.5.1 to Solaris 9

A flaw in the software that handles fonts for the desktop interface on Solaris-based workstations and servers could leave the computers open to attack, security experts said late on Monday.

The vulnerability could give hackers and online vandals the ability to take control of Solaris-based systems, according to an advisory released by security software developer Internet Security Systems. Sun Microsystems spokesman Brett Smith confirmed that the company knew of the flaw.

"We are aware of the problem, and we are working on a patch," he said, adding that Sun had been working with ISS on a patch, but problems during testing had delayed the fix. "We are trying to get it up as soon as possible."

The flaw, a memory problem known as a buffer overflow, appears in the X Windows Font Server (XFS) software known as fs.auto, a key component of the Solaris desktop system. However, the problem doesn't just affect workstations, said Jay Dyson, senior security consultant with security software Web site Treachery Unlimited.

"The problem is that it comes turned on with default Solaris," he said. "And 90 percent of the people don't turn it off."

The flaw affects every version of the operating system from Solaris 2.5.1 to Solaris 9 on both Sun's Sparc and Intel's x86 architectures, ISS stated in its advisory. A representative from the Atlanta-based security company was not immediately available for comment.

ISS recommends that administrators turn off the Solaris font software unless it's absolutely necessary. On any computer that needs the software, the company recommends that administrators block the port to keep outside attackers from using the flaw to get control of a computer within the network. A port is a software data channel that applications use to communicate with other computers via a network.

For all security-related news, including updates on the latest viruses, hacking exploits and patches, check out ZDNet UK's Security News Section.

Have your say instantly, and see what others have said. Go to the Security forum.

Let the editors know what you think in the Mailroom.

Story URL: http://news.zdnet.co.uk/itmanagement/0,1000000308,2126588,00.htm

Copyright © 1995-2008 CNET Networks, Inc. All rights reserved
ZDNET is a registered service mark of CNET Networks, Inc. ZDNET Logo is a service mark of CNET Networks, Inc.