SunOS Patch Summary

       _______________________________________________________
              The Computer Incident Advisory Capability
                     ___  __ __    _     ___
                    /       |     / \   /
                    \___  __|__  /___\  \___
        _____________________________________________________
                       Information Bulletin
 
                 Summary of SunOS Security Patches
 
July 31, 1992 1400 PDT	                                       Number C-29

CIAC has compiled a list of all security related patches currently
available from Sun Microsystems.  The patches have been grouped by
SunOS version and are detailed below.  CIAC recommends the
installation of any applicable patches that either are not currently
present on your system or are present in the form of an older version
of the patch.

The patches are available both through your local Sun Answer Center
and anonymous ftp.  In the U.S., ftp to ftp.uu.net and retrieve the
patches from the directory ~ftp/systems/sun/sun-dist.  In Europe, ftp
to mcsun.eu.net and retrieve the patches from the ~ftp/sun/fixes
directory.  The patches are contained in compressed tarfiles with
filenames based on the ID number of the patch (e.g. patch 100085-03 is
contained in the file 100085-03.tar.Z), and must be retrieved using
ftp's binary transfer mode.

After obtaining the patches, compute the checksum of each compressed
tarfile and compare with the values indicated below.  For example, the
command "sum 100085-03.tar.Z" should produce the value 44177 740.
Please note that Sun Microsystems occasionally updates patch files,
resulting in a changed checksum.  If you should find a checksum that
differs from those listed below, please contact Sun Microsystems or
CIAC for verification before using the patch.  

Finally, the patches must be extracted from the compressed tarfiles
using the commands uncompress and tar (e.g. to extract patch
100085-03, execute the commands "uncompress 100085-03.tar.Z" and 
"tar -xvf 100085-03.tar").

As multiple patches may affect the same files, it is recommended that
patches be installed chronologically by revision date, with the
exception of patches for which an explicit order is specified.  To
install a patch on your system, follow the instructions contained
in the README file which accompanies the patch.
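The checksum, extraction and ordering steps above, written out as a small shell helper; this is an added example, not part of the CIAC bulletin or of Sun's patch README files, and the function names verify_patch, check_patch_list and extract_patch are chosen here. It assumes the "sum" used is the SunOS 4.x one whose values the tables list; a sum with a different algorithm or block size will report a mismatch for a perfectly good file.

```sh
#!/bin/sh
# verify_patch FILE CHECKSUM BLOCKS
# Runs "sum" on FILE and compares both fields with the values copied from
# the bulletin's table. Returns 0 only on an exact match, 1 on a mismatch,
# 2 if the file is absent. Caveat: the listed values come from the SunOS 4.x
# sum; a sum with another algorithm or block size will not reproduce them.
verify_patch() {
    file=$1 want_sum=$2 want_blocks=$3
    [ -f "$file" ] || { echo "MISSING $file" >&2; return 2; }
    set -- $(sum "$file")          # fields: checksum blocks [filename]
    if [ "$1" = "$want_sum" ] && [ "$2" = "$want_blocks" ]; then
        echo "OK      $file ($1 $2)"
        return 0
    fi
    echo "FAIL    $file: got '$1 $2', expected '$want_sum $want_blocks'" >&2
    return 1
}

# check_patch_list: read "PATCHID CHECKSUM BLOCKS ..." lines on stdin (copied
# from the table for your SunOS version; any trailing description is ignored)
# and verify PATCHID.tar.Z in the current directory. The return value is the
# number of files that did not verify, so 0 means every patch checked out.
check_patch_list() {
    fails=0
    while read -r id csum blocks _rest; do
        [ -n "$id" ] || continue
        verify_patch "$id.tar.Z" "$csum" "$blocks" || fails=$((fails + 1))
    done
    return $fails
}

# extract_patch FILE CHECKSUM BLOCKS DESTDIR
# Unpacks only after the checksum matches. "uncompress -c" decompresses to
# stdout, so the original .tar.Z is kept for later re-verification, and the
# tar is run inside DESTDIR so one patch cannot overwrite another's files.
extract_patch() {
    verify_patch "$1" "$2" "$3" || return 1
    mkdir -p "$4" || return 1
    uncompress -c "$1" | (cd "$4" && tar -xvf -)
}

# Invocation with the bulletin's own example value (constructed call):
#   extract_patch 100085-03.tar.Z 44177 740 ./100085-03
```

Feed check_patch_list the rows for your release, then extract and install the patches that verified in revision-date order as the bulletin directs.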


SunOS 4.0.1 and 4.0.2
Patch ID   Last Revised  Checksum   Description
---------  ------------  ---------  -------------------------------------
100085-03    5-Sep-90    44177 740  selection_svc and rpc can be used to 
                                    view system files without login 
                                    permission

SunOS 4.0.2i
Patch ID   Last Revised  Checksum   Description
---------  ------------  ---------  -------------------------------------
100108-01    22-Aug-90   50309 146  sendmail can be coaxed into writing a 
                                    file not owned by the sender

SunOS 4.0.3 and 4.0.3c
Patch ID   Last Revised  Checksum   Description
---------  ------------  ---------  -------------------------------------
100224-02   15-Jan-90    39010 223  mail and rmail can invoke root and 
                                    uucp shells
100100-01   30-Jul-90    43821 588  sendmail permits users to run programs
                                    with root's group privileges
100101-02    7-Aug-90    42872 34   ptrace security hole
100085-03    5-Sep-90    44177 740  selection_svc and rpc can be used to 
                                    view system files without login 
                                    permission
100184-02   14-Dec-90    06627 33   OpenWindows 2.0 sv_xv_sel_svc and rpc
                                    permit access to system files
100125-05    8-Jul-91    41964 164  telnet permits password capture
100383-04    5-Feb-92    42306 113  rdist can be forced to create setuid 
                                    root programs

SunOS 4.1
Patch ID   Last Revised  Checksum   Description
---------  ------------  ---------  -------------------------------------
100224-02   15-Jan-90    39010 223  mail and rmail can invoke root and 
                                    uucp shells
100101-02    7-Aug-90    42872 34   ptrace security hole
100085-03    5-Sep-90    44177 740  selection_svc and rpc can be used to
                                    view system files without login
                                    permission
100184-02   14-Dec-90    06627 33   OpenWindows 2.0 sv_xv_sel_svc and rpc
                                    permit access to system files
100187-01   15-Dec-90    27724 139  Console input and output can be 
                                    redirected
100251-01   25-Mar-91    44264 32   expreserve race condition
100121-08    1-Apr-91    61464 287  NFS jumbo patch
100201-04    3-Jul-91    24358 169  C2 jumbo patch
100125-05    8-Jul-91    41964 164  telnet permits password capture
100103-10   30-Sep-91    26292 7    Many files distributed with incorrect 
                                    permissions
100296-02   16-Oct-91    30606 23   rpc.mountd exports filesystems 
                                    incorrectly
100383-04    5-Feb-92    42306 113  rdist can be forced to create setuid
                                    root programs
100305-07    3-Mar-92    25894 283  The lp daemon can delete system files
100173-08    7-May-92    32716 562  NFS jumbo patch
100377-04   14-May-92    14692 311  sendmail security holes
100630-01   18-May-92    36269 39   Environment variables can be used to
                                    exploit login and su
100482-02   20-May-92    53416 284  ypserv and ypxfrd will send NIS maps 
                                    to anyone
100567-02   13-Jul-92    23118 13   ICMP redirect messages can be used to
                                    make a host drop network connections
100376-04   16-Jul-92    12884 100  Integer division on Sparc can allow 
                                    root access

SunOS 4.1_PSR_A
Patch ID   Last Revised  Checksum   Description
---------  ------------  ---------  -------------------------------------
100224-02   15-Jan-90    39010 223  mail and rmail can invoke root and 
                                    uucp shells
100184-02   14-Dec-90    06627 33   OpenWindows 2.0 sv_xv_sel_svc and rpc
                                    permit access to system files
100187-01   15-Dec-90    27724 139  Console input and output can be
                                    redirected
100201-04    3-Jul-91    24358 169  C2 jumbo patch
100296-02   16-Oct-91    30606 23   rpc.mountd exports filesystems 
                                    incorrectly
100383-04    5-Feb-92    42306 113  rdist can be forced to create setuid 
                                    root programs
100305-07    3-Mar-92    25894 283  The lp daemon can delete system files
100377-04   14-May-92    14692 311  sendmail security holes
100630-01   18-May-92    36269 39   Environment variables can be used to
                                    exploit login and su

SunOS 4.1.1
Patch ID   Last Revised  Checksum   Description
---------  ------------  ---------  -------------------------------------
100224-02   15-Jan-90    39010 223  mail and rmail can invoke root and 
                                    uucp shells
100085-03    5-Sep-90    44177 740  selection_svc and rpc can be used to
                                    view system files without login
                                    permission
100184-02   14-Dec-90    06627 33   OpenWindows 2.0 sv_xv_sel_svc and rpc
                                    permit access to system files
100251-01   25-Mar-91    44264 32   expreserve race condition
100201-04    3-Jul-91    24358 169  C2 jumbo patch
100125-05    8-Jul-91    41964 164  telnet permits password capture
100296-02   16-Oct-91    30606 23   rpc.mountd exports filesystems 
                                    incorrectly
100103-10   30-Sep-91    26292 7    Many files distributed with incorrect
                                    permissions
100424-01   12-Nov-91    63070 50   NFS with fsirand file handle guessing
                                    problems
                                    Note: should only be applied with
                                          patch 100173-08
                                    Note: incompatible with Online:
                                          DiskSuite and Backup: Copilot
100448-01   10-Dec-91    02672 5    OpenWindows 3.0 loadmodule security hole
100387-02    3-Feb-92    07868 4400 C2 bug fixes and enhancements, Basic
                                    Security Module
                                    Note: incompatible with patch 100201-04
100383-04    5-Feb-92    42306 113  rdist can be forced to create setuid 
                                    root programs
100478-01   14-Feb-92    64588 58   OpenWindows 3.0 xlock can crash,
                                    leaving system open
100188-02   28-Feb-92    52332 132  TIOCCONS and pty security holes
100305-07    3-Mar-92    25894 283  The lp daemon can delete system files
100173-08    7-May-92    32716 562  NFS jumbo patch
                                    Note: incompatible with Online:
                                          DiskSuite and Backup: Copilot
100377-04   14-May-92    14692 311  sendmail security holes
100630-01   18-May-92    36269 39   Environment variables can be used to
                                    exploit login and su
100482-02   20-May-92    53416 284  ypserv and ypxfrd will send NIS maps 
                                    to anyone
100633-01   22-May-92    43774 20   Environment variables can be used to
                                    exploit login and su when using Sun's
                                    ARM product
100567-02   13-Jul-92    23118 13   ICMP redirect messages can be used to
                                    make a host drop network connections
100376-04   16-Jul-92    12884 100  Integer division on Sparc can allow 
                                    root access

SunOS 4.1.2
Patch ID   Last Revised  Checksum   Description
---------  ------------  ---------  -------------------------------------
100184-02   14-Dec-90    06627 33   OpenWindows 2.0 sv_xv_sel_svc and rpc
                                    permit access to system files
100296-02   16-Oct-91    30606 23   rpc.mountd exports filesystems 
                                    incorrectly
100448-01   10-Dec-91    02672 5    OpenWindows 3.0 loadmodule security hole
100383-04    5-Feb-92    42306 113  rdist can be forced to create setuid
                                    root programs
100478-01   14-Feb-92    64588 58   OpenWindows 3.0 xlock can crash,
                                    leaving system open
100188-02   28-Feb-92    52332 132  TIOCCONS and pty security holes
100564-01    1-Apr-92    29774 415  C2 jumbo patch
100305-07    3-Mar-92    25894 283  The lp daemon can delete system files
100173-08    7-May-92    32716 562  NFS jumbo patch
100377-04   14-May-92    14692 311  sendmail security holes
100630-01   18-May-92    36269 39   Environment variables can be used to
                                    exploit login and su
100482-02   20-May-92    53416 284  ypserv and ypxfrd will send NIS maps
                                    to anyone
100633-01   22-May-92    43774 20   Environment variables can be used to
                                    exploit login and su when using Sun's
                                    ARM product
100567-02   13-Jul-92    23118 13   ICMP redirect messages can be used to
                                    make a host drop network connections
100376-04   16-Jul-92    12884 100  Integer division on Sparc can allow
                                    root access
                                    Note: sun4m architectures require
                                          patch 100542-04

For additional information or assistance, please contact CIAC:

      Voice:  (510) 422-8193 / FTS
      E-mail: ciac@llnl.gov
      FAX:    (510) 423-8002 / FTS.

Previous CIAC bulletins and other information are available via
anonymous ftp from irbis.llnl.gov (ip address 128.115.19.60).

PLEASE NOTE: Many users outside of the DOE and ESnet computing
communities receive CIAC bulletins.  If you are not part of these
communities, please contact your agency's response team to report
incidents.  Some of the other teams include the NASA NSI response
team, DARPA's CERT/CC, NAVCIRT, and the Air Force response team.  Your
agency's team will coordinate with CIAC.

Neither the United States Government nor the University of California
nor any of their employees, makes any warranty, expressed or implied,
or assumes any legal liability or responsibility for the accuracy,
completeness, or usefulness of any information, product, or process
disclosed, or represents that its use would not infringe privately
owned rights.  Reference herein to any specific commercial products,
process, or service by trade name, trademark manufacturer, or
otherwise, does not necessarily constitute or imply its endorsement,
recommendation, or favoring by the United States Government or the
University of California.  The views and opinions of authors expressed
herein do not necessarily state or reflect those of the United States
Government nor the University of California, and shall not be used for
advertising or product endorsement purposes.
