-----BEGIN PGP SIGNED MESSAGE-----

==============================================================================
Security Advisory                                                      CERT-NL
==============================================================================
Author/Source : Don Stikvoort                              Index  :    S-96-41
Distribution  : World                                      Page   :          1
Classification: External                                   Version:          1
Subject       : Vulnerability in Solaris 2.x vold          Date   :  07-Aug-96
==============================================================================

By courtesy of AUSCERT we received the following information. We present it 
in its CERT Coordination Center incarnation because of the then 
availablility of the CERT-NL mirror and notifier services (see below).

CERT Coordination Center advisory CA-96.17 reports a vulnerability 
in the Solaris 2.x Volume Management daemon, vold(1M) .
This program is used to help manage CDROM and floppy devices..

This vulnerability allows gaining root access. Exploits are publicly 
available.

This advisory provides a workaround until offical patches arrive.

CERT-NL recommends strongly to adopt the workaround.

Additional information with regards to this vulnerability is placed in 
the README file associated with the advisory. You are encouraged to check 
on README file updates regularly. You can automate that process by using 
the CERT-NL notifier service. 

All CERT Coordination Center advisories and README's are mirrored by CERT-NL.
The specific URL's for this case are:

ftp://ftp.surfnet.nl/surfnet/net-security/cert-cc-mirror/cert_advisories/
CA-96.17.Solaris_vuld_vul
 
ftp://ftp.surfnet.nl/surfnet/net-security/cert-cc-mirror/cert_advisories/
CA-96.17.README

More information about the CERT-NL mirror and notifier services is 
contained in News items N-95-01 (notifier) and N-95-02 (CERT mirror), 
both present on ftp://ftp.surfnet.nl/surfnet/net-security/cert-nl/docs/news/

==============================================================================

CERT-NL is the Computer Emergency Response Team for SURFnet customers. 
SURFnet is the Dutch network for educational, research and related institutes.
CERT-NL is a member of the Forum of Incident Response and Security Teams 
(FIRST). 

All CERT-NL material is available under:
  http://www.surfnet.nl/surfnet/security/cert-nl.html
  ftp://ftp.surfnet.nl/surfnet/net-security 
  
In case of computer or network security problems please contact your 
local CERT/security-team or CERT-NL  (if your institute is NOT a SURFnet 
customer please address the appropriate (local) CERT/security-team).

CERT-NL is one/two hour(s) ahead of UTC (GMT) in winter/summer,
i.e. UTC+0100 in winter and UTC+0200 in summer (DST).
   Email:     cert-nl@surfnet.nl
   Phone:     +31 302 305 305
   Fax:       +31 302 305 329
   Snailmail: SURFnet bv
              Attn. CERT-NL
              P.O. Box 19035
              NL - 3501 DA  UTRECHT
              The Netherlands
   A 7 * 24 hours phone number is available to SURFnet SSC's and FIRST
   members on request.
==============================================================================


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMgiOA2L2fnkJN/jpAQFb2AP/bzE8LaTz/VqYjqHnaZompX5GVUI1k35m
v10lF2EKoPj7PyEOZ35/BD8RsVf3nxh62UGJ1fs4KkWP8maJwDuOTRe1JYR4SN+5
bSnGr72lDFflpKAgARMogasDxjwAjOtRb9Rmq+636umh2l6pmkFadhUhiuZjX8zo
6JEOGfNC9SE=
=zdOG
-----END PGP SIGNATURE-----