[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SunOS :statd patch

To: strombrg@hydra.acs.uci.edu
Subject: SunOS :statd patch
From: Dan Stromberg <strombrg@hydra.acs.uci.edu>
Date: Wed, 06 May 1998 12:37:05 -0700
Sender: strombrg@hydra.acs.uci.edu

Patch-ID# 103468-03
Keywords: security statd RPC NUM_PROC_FDS creat buffer overflow
Synopsis: SunOS 5.5: statd fixes
Date: Nov/17/97

Solaris Release: 2.5

SunOS Release: 5.5

Unbundled Product:

Unbundled Release:

Xref: This patch available for x86 as patch 103469

Topic: SunOS 5.5: statd fixes

BugId's fixed with this patch: 1196526 1243416 4034187

Changes incorporated in this version: 4034187

Relevant Architectures: sparc

Patches accumulated and obsoleted by this patch:

Patches which conflict with this patch:

Patches required with this patch:

Obsoleted by:

Files included with this patch:

/usr/lib/nfs/statd


Problem Description:

4034187 buffer overflow in statd allows root attack

(from 103468-02)

1196526 statd rpc.c define of NUM_PROC_FDS is too small, can cause creat
to fail

(from 103468-01)

1243416 statd security problem

Patch Installation Instructions:
--------------------------------
Refer to the Install.info file within the patch for instructions on
using the generic 'installpatch' and 'backoutpatch' scripts provided
with each patch. Any other special or non-generic installation
instructions should be described below.

Special Install Instructions:
-----------------------------
None.

Prev by Date: SunOS :Security Bulletin #00169
Next by Date: DCS :Smurf Attacks on UC Networks. (PING Packets now denied)
Previous by thread: SunOS :Security Bulletin #00169
Next by thread: DCS :Smurf Attacks on UC Networks. (PING Packets now denied)
Index(es):
- Date
- Thread