Just a few days after Hewlett-Packard Co. (HP) released a patch for a highly critical vulnerability in its Tru64 OS, it seems Sun Microsystems Inc.'s Solaris 9 has fallen sick with the same bug.
The hole is in IPsec and SSH code -- used to securely carry Internet traffic and system commands -- and could let a malicious user gain system access or mount a denial of service attack. Neither is good.
We don't know quite what the hole is from HP's patches alone, but Sun seems to know: having reviewed its own software, it too has put out a patch, for Solaris 9 on x86 systems. According to the company, no other systems are affected.
The patch itself is for Sun's Internet Key Exchange (IKE) daemon, which uses some of the same third-party code as HP's software. This is the official explanation: "The Internet Key Exchange (IKE) implementation in Solaris 9 uses ASN.1 code from SSH Inc. Under certain rare conditions, it may be possible for a local or remote unprivileged user to kill the in.iked(1M) daemon, resulting in a Denial of Service (DoS), or gain unauthorized root access due to a buffer overflow in the in.iked(1M) daemon."
Daemons? Gremlins in the works more like. Anyway, the patch is here, so get to work before you wake up to a security migraine. Sun's advisory is here. The hole itself, according to Sun, has to do with the issues covered by CERT advisory CA-2003-26, which was first published in October.
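Sun's wording describes the classic failure mode of an ASN.1 decoder: a length field in attacker-supplied input is trusted, and the trusted value drives a copy into a fixed-size buffer, so an inflated length means either a crash (the DoS) or an overwrite (the root compromise). As an added illustration only -- this is not Sun's, HP's or SSH Inc.'s code, and the page says nothing about how in.iked actually parses its payloads -- here is a minimal DER tag-length-value reader in C that makes the checks a hardened decoder needs, run over a few constructed byte strings. The function names, status codes and sample inputs are all assumptions for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Status codes for the decoder (assumed names for this example). */
enum der_status {
    DER_OK = 0,
    DER_TRUNCATED,   /* a claimed length exceeds the bytes actually present */
    DER_BAD_LENGTH,  /* indefinite or non-minimal length encoding: not valid DER */
    DER_TOO_BIG,     /* length needs too many octets, or value exceeds destination */
    DER_BAD_TAG
};

/* One decoded TLV: tag, pointer into the input, and the checked length. */
struct der_tlv {
    uint8_t tag;
    const uint8_t *value;
    size_t len;
};

/* Parse one DER TLV from in[0..in_len). The length is validated against the
 * bytes really available BEFORE it is stored, which is the step a
 * buffer-overflow-prone decoder skips. */
enum der_status der_read_tlv(const uint8_t *in, size_t in_len,
                             struct der_tlv *out, size_t *consumed)
{
    size_t pos = 0, len;
    if (in_len < 2) return DER_TRUNCATED;           /* need tag + first length octet */
    uint8_t tag = in[pos++];
    uint8_t first = in[pos++];

    if (first < 0x80) {
        len = first;                                /* short form: 0..127 */
    } else if (first == 0x80) {
        return DER_BAD_LENGTH;                      /* indefinite form is BER, not DER */
    } else {
        size_t nbytes = first & 0x7F;               /* long form: number of length octets */
        if (nbytes > 4) return DER_TOO_BIG;         /* >4 GiB is never a real payload; also
                                                       keeps the shift below in range */
        if (in_len - pos < nbytes) return DER_TRUNCATED;
        len = 0;
        for (size_t i = 0; i < nbytes; i++) len = (len << 8) | in[pos++];
        /* DER demands minimal encoding: no leading zero octet, and the long form
         * may only be used for lengths that do not fit the short form. */
        if (in[pos - nbytes] == 0 || len < 0x80) return DER_BAD_LENGTH;
    }
    if (in_len - pos < len) return DER_TRUNCATED;   /* the claim outruns the input */

    out->tag = tag;
    out->value = in + pos;
    out->len = len;
    *consumed = pos + len;
    return DER_OK;
}

/* Copy a TLV's value into a fixed-size buffer, refusing anything that would
 * not fit. This bounds check against dst_len is the one an overflow lacks. */
enum der_status der_copy_value(const struct der_tlv *tlv, uint8_t *dst, size_t dst_len)
{
    if (tlv->len > dst_len) return DER_TOO_BIG;
    memcpy(dst, tlv->value, tlv->len);
    return DER_OK;
}

/* Decode the outer TLV and copy its value into the caller's buffer. */
enum der_status der_extract(const uint8_t *in, size_t in_len, uint8_t *dst, size_t dst_len)
{
    struct der_tlv tlv;
    size_t used;
    enum der_status st = der_read_tlv(in, in_len, &tlv, &used);
    if (st != DER_OK) return st;
    return der_copy_value(&tlv, dst, dst_len);
}

/* Walk a DER SEQUENCE and return how many well-formed children it holds, or
 * the negated status of the first malformed child. */
int der_count_children(const uint8_t *in, size_t in_len)
{
    struct der_tlv seq, child;
    size_t used, pos = 0;
    int n = 0;
    enum der_status st = der_read_tlv(in, in_len, &seq, &used);
    if (st != DER_OK) return -(int)st;
    if (seq.tag != 0x30) return -(int)DER_BAD_TAG;
    while (pos < seq.len) {
        st = der_read_tlv(seq.value + pos, seq.len - pos, &child, &used);
        if (st != DER_OK) return -(int)st;
        pos += used;
        n++;
    }
    return n;
}

/* Constructed sample inputs for the example (not captured IKE traffic). */
static const uint8_t good_seq[]    = {0x30,0x06, 0x02,0x01,0x05, 0x04,0x01,0x41}; /* SEQUENCE{INTEGER 5, OCTET STRING "A"} */
static const uint8_t lying_child[] = {0x30,0x04, 0x04,0x7F,0x41,0x41};            /* child claims 127 bytes, 2 present */
static const uint8_t indefinite[]  = {0x04,0x80,0x00,0x00};                       /* indefinite length */
static const uint8_t nonminimal[]  = {0x04,0x81,0x05,0x01,0x02,0x03,0x04,0x05};   /* long form for length 5 */
static const uint8_t huge_len[]    = {0x04,0x85,0x01,0x00,0x00,0x00,0x00};        /* five length octets */
static uint8_t scratch_small[4];
static uint8_t scratch_big[64];

int main(void)
{
    printf("good_seq children: %d\n", der_count_children(good_seq, sizeof good_seq));
    printf("lying_child status: %d\n", der_count_children(lying_child, sizeof lying_child));
    printf("extract into 4 bytes: %d\n", der_extract(good_seq, sizeof good_seq, scratch_small, sizeof scratch_small));
    return 0;
}
```

The point is less the code than its ordering: every comparison happens on the claimed length before that length touches a pointer, a loop bound or memcpy. A decoder that instead copies first and sanity-checks afterwards is the shape of bug Sun's advisory describes, whatever the real in.iked code looked like.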
We shall see if other vendors fall sick with the same bug in the next week or so.