Solaris security hole opens way for online intruders

US boffins study 'live' attack...
Written by Ian Jones, Contributor on

US boffins study 'live' attack...

A security flaw in Sun's Solaris operating system has been exploited in an attempt to launch a series of denial of service (DoS) attacks in the US.

Researchers at the Honeynet Project - an American scheme designed to study and trap internet attackers - claim someone used the two-month old security loophole in Solaris to try to start a series of DoS attacks on several online chat servers.

According to reports on US wires, it's the first time the researchers have seen the Solaris 'buffer overflow' security issue exploited in the wild. The attacker accessed a Honeynet server, then a couple days later loaded a DoS tool onto it.

The flaw was first revealed by watchdog CERT (Computer Emergency Response Team) in November, and Solaris users are advised to download the relevant patch from Sun.

Editorial standards