Solaris bug gives hackers free rein

Printer daemon contains glitch that could allow attackers to gain root-level access and execute malicious code
Written by Matthew Broersma, Contributor

Researchers have discovered a bug that could give hackers unlimited access to any machine running Sun's Unix operating system, Solaris.

The bug, discovered by security consultancy ISS X-Force, affects a utility designed to give remote users access to a local printer. The line printer daemon (in.lpd), as it is called, contains a flaw in the "transfer job" routine that could allow hackers to overflow an unchecked buffer, a common means of gaining unauthorised access to a computer.

Hackers could exploit the flaw to crash the printer daemon or execute malicious code with system administrator privileges, according to X-Force. The printer software is installed by default on all Solaris systems.

Sun says it is working on a fix, which will be available next month, and X-Force recommends the software be turned off until the patch is available.

Solaris runs on Sun Microsystems and Intel hardware, and is the dominant operating system for high-end Internet servers.

Is your PC safe? Find out in ZDNet UK's Viruses and Hacking News Section.

Have your say instantly, and see what others have said. Click on the TalkBack button and go to the Security forum.

Let the editors know what you think in the Mailroom. And read other letters.

Editorial standards