SEAM 1.0.1: patch for Solaris 8 |
Status: RELEASED
Patch Id: 110060-22
***********************************************************************
READ THE TERMS OF THE AGREEMENT ("AGREEMENT") IN THE LEGAL_LICENSE.TXT
FILE CAREFULLY BEFORE USING THIS SOFTWARE. BY USING THE SOFTWARE, YOU
AGREE TO THE TERMS OF THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE
TERMS, PROMPTLY DESTROY THE UNUSED SOFTWARE.
***********************************************************************Summary: SEAM 1.0.1: patch for Solaris 8
Date: Jul/24/2007
Installation Requirements:
NA
Solaris Release: 8
Sun OS Release: 5.8
Unbundled Product: Solaris Enterprise Authentication Mechanism
Unbundled Release: 1.0.1
Xref: This patch available for x86 as patch 110061
Topic:
Relevant Architecture: sparc
BugId's fixed with this patch:
4310410 4310415 4310420 4311749 4313926 4338622 4346120 4346410 4348078 4390628 4418644 4451327 4484541 4491825 4493059 4509090 4524845 4615238 4632646 4634657 4806989 4836676 4902682 5054473 5077951 6209960 6248576 6327628 6529370 6538001 6562672
Changes incorporated in this version:
6562672 6538001
Patches accumulated and obsoleted by this patch:
Patches which conflict with this patch:
Required Patches:
Obsoleted by:
Files Included in this Patch:
/usr/krb5/bin/ftp
/usr/krb5/bin/telnet
/usr/krb5/lib/ftpd
/usr/krb5/lib/krb5kdc
/usr/krb5/lib/libkadm5srv.so
/usr/krb5/lib/libkadm5srv.so.1
/usr/krb5/lib/libpty.so
/usr/krb5/lib/libpty.so.1
/usr/krb5/lib/login.krb5
/usr/krb5/lib/rlogind
/usr/krb5/lib/rshd
/usr/krb5/lib/telnetd
/usr/krb5/sbin/kdb5_util
usr/krb5/lib/kadmind
Problem Description:
6562672 [MITKRB5-SA-2007-005] kadmind vulnerable to buffer overflow
6538001 (CVE-2007-0957) KDC, kadmind stack overflow in krb5_klog_syslog
(from 110060-21)
6529370 [MITKRB5-SA-2007-001] SEAM telnetd (SUNWkr5sv) allows login as any user without password
(from 110060-20)
6327628 SEAM patches require patchpro metadata
(from 110060-19)
This revision was built to address a patch packaging issue.
(from 110060-18)
6248576 SEAM telnet client needs Solaris fix 6234932 (buffer overflow)
(from 110060-17)
5077951 /usr/krb5/lib/rlogind not cleaning out its environment properly when inetd is restarted by hand
5054473 kerberized telnet daemon ignores /etc/issue
(from 110060-16)
6209960 heap buffer overflow in libkadm5srv
(from 110060-15)
4902682 SEAM 1.10 ftp client, cu getting message "Value too large for defined data type"
(from 110060-14)
4836676 bounds checks not in place for princs in krbv5
(from 110060-13)
4806989 kerberized telnet client does not handle "mode character" correctly
(from 110060-12)
4524845 forwardable flags are not set when telneting from a non-kerberos to a kerberos
4632646 kerberos telnetd uses login.krb5 which does not honor /etc/default/login
4390628 login.krb5 doesn't call PAM API in the correct order
4634657 login.krb5 core dumped
(from 110060-11)
4338622 BUFFER OVERRUN VULNERABILITIES IN KERBEROS (SEAM)
4509090 SEAM telnetd gives away if a user exists or not
(from 110060-10)
4615238 login.krb5 contains buffer overflow
(from 110060-09)
4313926 kerberos rlogin/rsh/telnet/ftp sessions not audited
(from 110060-08)
4491825 ktelnet security problem when used with roles
(from 110060-07)
4484541 krbv5 telnetd vulnerable to buffer overflows
4493059 CR 4310420 fix needs some more work
(from 110060-06)
4418644 ftp server does not conform with rfc 2228
4451327 krb5 ftpd vulnerable to buffer overflows
(from 110060-05)
4311749 SEAM 1.0 telnet core dumping when the KDC is Win2000 FCS
(from 110060-04)
4346410 Kerberos 5 telnetd creates many useless utmpx files
(from 110060-03)
4348078 /var/krb5/kdc.log and /var/krb5/kadmin.log has permissions 0644
(from 110060-02)
4346120 rlogin using kerberos takes too long
(from 110060-01)
4310415 kerberized rshd fails with non-root-accessible home directories
4310420 kerberized ftpd fails to chdir to non-root-accessible home directories
4310410 login.krb5 chdir to non-root-accessible home directories fails for rlogin/telnetRevision History:
110060-06 110060-17 110060-10 110060-21 110060-16 110060-05 110060-12 110060-08 110060-13 110060-19 110060-14 110060-07 110060-11 110060-04 110060-15
Patch Installation Instructions:
--------------------------------
For Solaris 2.0-2.6 releases, refer to the Install.info file and/or
the README within the patch for instructions on using the generic
'installpatch' and 'backoutpatch' scripts provided with each patch.
For Solaris 7-8 releases, refer to the man pages for instructions
on using 'patchadd' and 'patchrm' scripts provided with Solaris.
Any other special or non-generic installation instructions should be
described below as special instructions. The following example
installs a patch to a standalone machine:
example# patchadd /var/spool/patch/104945-02
The following example removes a patch from a standalone system:
example# patchrm 104945-02
For additional examples please see the appropriate man pages.Special Install Instructions:
-----------------------------
NOTE 1: To get the complete fix for bugid 4836676 (Bounds checks not in place
for princs in krbv5), please also install the following patch:
112237-09 (or greater) mech_krb5.so.1 patch
Although 110060-04 and 112237-09 do not have a hard requirement or
dependency on each other, the complete resolution for bugid 4836676
requires both patches.
README -- Last modified date: Tuesday, July 24, 2007
|
Subscribe |
Careers |
Contact Us |
Site Maps |
Legal Notices |
Terms of Use |
Your Privacy Rights |
Sun Contracted Content
Sun Contracted Feature
