Flaw puts Unix at risk from hackers

Vendors have been warned that a flaw in Unix could allow hackers to take control of their systems.
Written by ZDNET Editors, Contributor
Vendors have been warned that a flaw in Unix could allow hackers to take control of their systems.

Six vendors including IBM, Hewlett-Packard and Sun Microsystems have been alerted about a flaw that could allow hackers to take control of Unix systems.

Internet Security Systems (ISS) identified the Unix vulnerability about a month ago, and the company warned the serious weakness could be found in the systems of six Unix vendors. ISS and the Computer Emergency Response Team (Cert) issued an alert about the problem.

According to Cert's advisory, the vulnerability exists in a function used by the Common Desktop Environment (CDE). Because of an error in the way requests from clients are validated, hackers could manipulate data and cause a buffer overflow, the advisory warned. The affected software is included with several versions of Hewlett-Packard's HP-UX, IBM's AIX, Sun's Solaris, Caldera OpenUnix and UnixWare, and Compaq's Tru64 Unix.

While Caldera, Compaq, and IBM said they had a patch ready, HP disputed the versions of its Unix that needed the patch. Sun said there was not a problem at all but it would investigate further, and SGI said it had acknowledged the CDE vulnerabilities and was investigating further.

"This vulnerability affecting CDE is on by default in most Unix servers and desktops," said Dan Ingevaldson, ISS team leader for uncovering security vulnerabilities.

He said no known hacker tool has been posted to exploit the attack but pointed out that the vulnerability is serious enough for ISS to urge companies with Unix systems from the six vendors to check with them about the availability of patches.

Cert said many common Unix and Linux systems ship with CDE installed and enabled by default. Some Unix vendors have provided information on the subject, which is available at Cert's Web site .

Cert advised that until patches are available, users can lessen their exposure by limiting or blocking access to the Subprocess Control Services from untrusted networks.

Editorial standards