Status: RELEASED

Patch Id: 110668-05

Summary: SunOS 5.8: telnet patch

Date:  Mar/28/2005

Installation Requirements:

Reconfigure after installation

Solaris Release: 8

Sun OS Release: 5.8

Unbundled Product: 

Unbundled Release: 

Xref: This patch available for x86 as patch 110669

Topic: 

SunOS 5.8: telnet patch

Relevant Architecture: sparc

BugId's fixed with this patch:

4366956 4375449 4483514 4516876 4523990 4527873 4798177 6234932

Changes incorporated in this version:

6234932

Patches accumulated and obsoleted by this patch:

Patches which conflict with this patch: 

Required Patches:

Obsoleted by:

Files Included in this Patch: 

/usr/bin/telnet
/usr/sbin/in.telnetd

Problem Description: 

6234932 telnet.c buffer overflow
 
(from 110668-04)
 
4798177 in.telnetd is vulnerable to denial of service via TESO
 
(from 110668-03)
 
4483514 in.telnetd vulnerable to buffer overflow ??
4523990 in.telnetd needs some cleanup
4527873 telnetd issues garbage before login prompt if BANNER in use
 
(from 110668-02)
 
4516876 in.telnetd should not accept TTYPROMPT from remote
 
(from 110668-01)
 
4366956 NLSPATH gettext introduces problems when used printf format specifier
4375449 dtmail crashes when calling catgets with NULL default message

Revision History: 

110668-03 110668-04 110668-02 110668-01

Patch Installation Instructions: 

--------------------------------
 
For Solaris 2.0-2.6 releases, refer to the Install.info file and/or
the README within the patch for instructions on using the generic
'installpatch' and 'backoutpatch' scripts provided with each patch.
 
For Solaris 7-10 releases, refer to the man pages for instructions
on using 'patchadd' and 'patchrm' scripts provided with Solaris.
Any other special or non-generic installation instructions should be
described below as special instructions.  The following example
installs a patch to a standalone machine:
 
       example# patchadd /var/spool/patch/104945-02
 
The following example removes a patch from a standalone system:
 
       example# patchrm 104945-02
 
For additional examples please see the appropriate man pages.

Special Install Instructions: 

-----------------------------
 
         NOTE:    To get the complete fix for 4366956 (NLSPATH gettext
                  introduces problems when used printf format specifier),
                  we recommend also installing the following patches:
 
                  110670-01 (or newer)   /usr/sbin/static/rcp patch
 
                  108991-06 (or newer)   /usr/lib/libc.a
                                         /usr/lib/libc.so.1
                                         /usr/lib/libp/libc.a
                                         /usr/lib/pics/libc_pic.a
                                         /usr/lib/sparcv9/libc.so.1
                                         /usr/lib/libp/sparcv9/libc.so.1
                                         /usr/lib/pics/sparcv9/libc_pic.a
 
                  109091-04 (or newer)   /usr/sbin/ufsrestore

README -- Last modified date:  Monday, March 28, 2005