Patch-ID# 110057-08


Download this patch from My Oracle Support

Your use of the firmware, software and any other materials contained in this update is subject to My Oracle Support Terms of Use, which may be viewed at My Oracle Support.
For further information on patching best practices and resources, please see the following links:
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.

Keywords: security login.krb5 chdir ftpd telnetd kerberos rshd
Synopsis: SEAM 1.0: Patch for Solaris 2.6 / 7
Date: Jun/10/2005


Install Requirements: NA

Solaris Release: 2.6 7

SunOS Release: 5.6 5.7

Unbundled Product: Solaris Enterprise Authentication Mechanism

Unbundled Release: 1.0

Xref: This patch available for x86 as patch 110058

Topic:

Relevant Architectures: sparc

Bugs fixed with this patch:

Sun CR # Bug #
431041015014138
431041515014142
431042015014147
433862215025875
445132715062245
448454115073291
449305915076006
450909015081358
461523815091226
483667615152065
624857615257493


Changes incorporated in this version: 6248576

Patches accumulated and obsoleted by this patch:

Patches which conflict with this patch:

Patches required with this patch:

Obsoleted by:

Files included with this patch:

/usr/krb5/bin/telnet
/usr/krb5/lib/ftpd
/usr/krb5/lib/krb5kdc
/usr/krb5/lib/libkadm5srv.so
/usr/krb5/lib/libkadm5srv.so.1
/usr/krb5/lib/login.krb5
/usr/krb5/lib/rlogind
/usr/krb5/lib/rshd
/usr/krb5/lib/telnetd
/usr/krb5/sbin/kdb5_util

Problem Description:

6248576 SEAM telnet client needs solaris fix 6234932 (buffer overflow)
 
(from 110057-07)
 
4836676 Bounds checks not in place for princs in krbv5
 
(from 110057-06)
 
4509090 SEAM telnetd gives away if a user exists or not
 
(from 110057-05)
 
4338622 BUFFER OVERRUN VULNERABILITIES IN KERBEROS (SEAM)
 
(from 110057-04)
 
4615238 login.krb5 contains buffer overflow
 
(from 110057-03)
 
4484541 krbv5 telnetd vulnerable to buffer overflows
4493059 4310420 fix needs some more work
 
(from 110057-02)
 
4451327 krb5 ftpd vulnerable to buffer overflows
 
(from 110057-01)
 
4310415 kerberized rshd fails with non-root-accessible home directories
4310420 kerberized ftpd fails to chdir to non-root-accessible home directories
4310410 login.krb5 chdir to non-root-accessible home directories fails for rlogin/telnet


Patch Installation Instructions:
-------------------------------- 
For Solaris 2.0-2.6 releases, refer to the Install.info file and/or
the README within the patch for instructions on using the generic
'installpatch' and 'backoutpatch' scripts provided with each patch.
 
For Solaris 7-9 releases, refer to the man pages for instructions
on using 'patchadd' and 'patchrm' scripts provided with Solaris.
Any other special or non-generic installation instructions should be
described below as special instructions.  The following example
installs a patch to a standalone machine:
 
       example# patchadd /var/spool/patch/104945-02
 
The following example removes a patch from a standalone system:
 
For additional examples please see the appropriate man pages.


Special Install Instructions:
----------------------------- 
Solaris 2.6:
For Bug ID 4338622, the complete fix requires
patch 112534-01 or greater. Although patches 112534-01
and 110057-05 do not require/depend on each other,
the complete resolution for the bug requires both.
 
Solaris 7:
For Bug ID 4338622, the complete fix requires
patch 112536-01 or greater. Although patches 112536-01
and 110057-05 do not require/depend on each other,
the complete resolution for the bug requires both.
 
Solaris 7:
For Bug ID 4836676, the complete fix requires
patch 112536-04 or greater. Although patches 112536-04
and 110057-07 do not require/depend on each other,
the complete resolution for the bug requires both.


README -- Last modified date: Friday, November 9, 2012