[ advisories | exploits | discussions | news | conventions | security tools | texts & papers ]
 main menu
- feedback
- advertising
- privacy
- FightAIDS
- newsletter
- news
- read forum
- new topic
- search

- meetings list
- recent additions
- add your info
 top 100 sites
- visit top sites
- sign up now
- members

- add your url
- add domain
- search box
- link to us

- our projects
- free email
 m4d network
- security software
- secureroot
- m4d.com
Home : Advisories : SunOS Source Tape Installation Vulnerability

Title: SunOS Source Tape Installation Vulnerability
Released by: CERT
Date: 20th May 1991
Printable version: Click here

Hash: SHA1


Last revised:  September 18,1997

                Attached copyright statement

                               CERT Advisory

                                May 20, 1991

                 SunOS Source Tape Installation Vulnerability

- -------------------------------------------------------------------------

The Computer Emergency Response Team/Coordination Center (CERT/CC) has

received the following information from Sun Microsystems, Inc. (Sun).

Sun has given the CERT/CC permission to distribute their Security

Bulletin. It contains information regarding a fix for a vulnerability

in SunOS 4.0.3, SunOS 4.1 and SunOS 4.1.1.

The following Sun Microsystems Security Bulletin only applies to systems

that have installed the Sun Source tapes.

For more information, please contact Sun Microsystems at 1-800-USA-4SUN.

- -------------------------------------------------------------------------



    This information is only to be used for the purpose of alerting

    customers to problems. Any other use or re-broadcast of this

    information without the express written consent of Sun Microsystems

    shall be prohibited.

    Sun expressly disclaims all liability for any misuse of this information

    by any third party.


    Sun Bug ID  : 1059621

    Synopsis    : security hole created by installing sunsrc

    Sun Patch ID: Not applicable see fix below.

    This applies to sites that have installed Sun Source tapes only.


    The Sun distribution of sources (sunsrc) has an installation

    procedure which creates the directory /usr/release/bin and

    installs two setuid root files in it: makeinstall and winstall.

    These are both binary files which exec other programs: "make -k install"

    (makeinstall) or "install" (winstall).

    This makes it possible for users on that system to become root.

    The solution:

        chmod ug-s /usr/release/bin/{makeinstall, winstall}

        (if the sources have already been installed)


        edit the makefile in sunsrc/release and change the SETUID definition

        (if the sources have been extracted from tape but not installed yet)


    Special thanks to CERT and Tel-Aviv University for reporting this


    Brad Powell

    Sun Microsystems

    Software Security Coordinator.

- ---------------------------------------------------------------------------

The CERT/CC would like to thank Sun Microsystems, Inc. for their response

to this vulnerability.  We would also like to thank Ariel Cohen from

Tel-Aviv University, School of Mathematical Sciences for reporting the


- ---------------------------------------------------------------------------

If you believe that your system has been compromised, contact CERT/CC

via telephone or e-mail.

Computer Emergency Response Team/Coordination Center (CERT/CC)

Software Engineering Institute

Carnegie Mellon University

Pittsburgh, PA 15213-3890

Internet E-mail: cert@cert.org

Telephone: 412-268-7090 24-hour hotline:

           CERT/CC personnel answer 7:30a.m.-6:00p.m. EST,

           on call for emergencies during other hours.

Past advisories and other computer security related information are

available for anonymous ftp from the cert.org (


- --------------------------------------------------------------------------

Copyright 1991 Carnegie Mellon University. Conditions for use, disclaimers,

and sponsorship information can be found in

http://www.cert.org/legal_stuff.html and http://ftp.cert.org/pub/legal_stuff .

If you do not have FTP or web access, send mail to cert@cert.org with

"copyright" in the subject line.

CERT is registered in the U.S. Patent and Trademark Office.


Revision History

September 18,1997  Attached Copyright Statement


Version: PGP for Personal Privacy 5.0

Charset: noconv





(C) 1999-2000 All rights reserved.