Solaris security hole opens way for online intruders

A security flaw in Sun's Solaris operating system has been exploited in an attempt to launch a series of denial of service (DoS) attacks in the US.

Researchers at the Honeynet Project - an American scheme designed to study and trap internet attackers - claim someone used the two-month old security loophole in Solaris to try to start a series of DoS attacks on several online chat servers.

According to reports on US wires, it's the first time the researchers have seen the Solaris 'buffer overflow' security issue exploited in the wild. The attacker accessed a Honeynet server, then a couple days later loaded a DoS tool onto it.

The flaw was first revealed by watchdog CERT (Computer Emergency Response Team) in November, and Solaris users are advised to download the relevant patch from Sun.

For related news, see
Sun stalls on Solaris for Intel
http://www.silicon.com/a50280
Sun unveils Solaris 9
http://www.silicon.com/a47936
OS Wars: Unix vendors prepare to take on Windows XP
http://www.silicon.com/a48422
Sun results point to underlying weakness
http://www.silicon.com/a45924

To buy related reports or event tickets, click:
Report: E-Application Management Services assessment
http://www.silicon.com/goto-ecc-enteapp
Report: IT Expenditure Assessment - Who is spending what on IT and why?
http://www.silicon.com/goto-ecc-reita
Event: Business Intelligence 2002 - Managing effectively in times of economic uncertainty
http://www.silicon.com/goto-ecc-evbi