ciac-12.unix-rcp-rdist-patch.txt
0bf29667a3b515b1157a32492fb7417d19d91922eddeeeae7899f3759300dca1
NNNNOOOOTTTTIIIICCCCEEEE OOOOFFFF AAAAVVVVAAAAIIIILLLLAAAABBBBIIIILLLLIIIITTTTYYYY OOOOFFFF SSSSUUUUNNNN PPPPAAAATTTTCCCCHHHH FFFFOOOORRRR RRRRCCCCPPPP AAAANNNNDDDD RRRRDDDDIIIISSSSTTTT
Several weeks ago, the DOE Computer Incident Advisory Capability (CIAC) reported a
UNIX security problem involving rcp and rdist in 4.3BSD,
4.3BSD-tahoe, and all versions of UNIX using BSD networking
code, as well as SunOS (all versions). Patches for BSD but
not SUN systems were available at the time you received an
announcement about the rcp and rdist vulnerabilities.
However, patches for SUN3 and SUN4 systems are now
available. You may obtain these patches from several
sources, to be described shortly. TTTToooo ttttrrrraaaannnnssssffffeeeerrrr tttthhhheeee ppppaaaattttcccchhhheeeessss::::
Log in to your local SUN machine. Get into the directory
into which you want the patches to be transferred. You can
accomplish this by typing: _c_d "dir", where "dir" is the name
of the directory to which you want to copy the patches. Use
one of the following options: OOOOPPPPTTTTIIIIOOOONNNN IIII---- TTTTrrrraaaannnnssssffffeeeerrrr tttthhhheeee PPPPaaaattttcccchhhheeeessss
ffffrrrroooommmm uuuuuuuunnnneeeetttt....uuuuuuuu....nnnneeeetttt TTTTyyyyppppeeee:::: _f_t_p _u_u_n_e_t._u_u._n_e_t <RETURN> The
remote system will prompt you as follows: Name:
ttttyyyyppppeeee:::: _a_n_o_n_y_m_o_u_s <RETURN> Passwd:
ttttyyyyppppeeee:::: _g_u_e_s_t <RETURN> ftp> When you get
an "ftp>" prompt then
TTTTyyyyppppeeee:::: _c_d _s_u_n-_f_i_x_e_s <RETURN>
and then type: _l_s <RETURN>
(this will help you see what directory you are in.) Then
ttttyyyyppppeeee:::: _t_y_p_e _i_m_a_g_e <RETURN> Now you are ready to copy the
patches. If you are running a SUN3 system, i.e. 68020.,
TTTTyyyyppppeeee:::: _g_e_t rcp.sun3.Z <RETURN> Or for SUN4 systems, i.e.
SPARC architecture., ttttyyyyppppeeee:::: _g_e_t rcp.sun4.Z <RETURN> Do the
same for: _g_e_t "rdist.sun3.Z" <RETURN> or _g_e_t "rdist.sun4.Z"
<RETURN> Finally ttttyyyyppppeeee:::: _q_u_i_t <RETURN>
June 12, 1996
- 2 -
OOOOPPPPTTTTIIIIOOOONNNN IIIIIIII---- TTTTrrrraaaannnnssssffffeeeerrrr tttthhhheeee ppppaaaattttcccchhhheeeessss ffffrrrroooommmm llllllllllll----ccccrrrrgggg....llllllllnnnnllll....ggggoooovvvv
If you cannot connect to uunet.uu.net, then try the
following: TTTTyyyyppppeeee:::: _f_t_p _l_l_l-_c_r_g._l_l_n_l._g_o_v <RETURN> The remote
system will prompt you as follows: Name:
ttttyyyyppppeeee:::: _a_n_o_n_y_m_o_u_s <RETURN> Passwd: ttttyyyyppppeeee::::
_g_u_e_s_t <RETURN> ftp> TTTTyyyyppppeeee:::: _c_d _s_u_n <RETURN> GGGGeeeetttt the
files as shown above. (Refer to I.c and I.d above) Finally
ttttyyyyppppeeee:::: _q_u_i_t <RETURN>
TTTToooo iiiinnnnssssttttaaaallllllll tttthhhheeee ppppaaaattttcccchhhheeeessss oooonnnn yyyyoooouuuurrrr ssssyyyysssstttteeeemmmm:::: After you get the
patches and are back to your local machine, do the
following: MMMMaaaakkkkeeee yyyyoooouuuurrrr ffffiiiilllleeeessss rrrreeeeaaaaddddaaaabbbblllleeee.... TTTTyyyyppppeeee:::: _u_n_c_o_m_p_r_e_s_s
_r_c_p._s_u_n_3._Z. <RETURN> TTTTyyyyppppeeee:::: _u_n_c_o_m_p_r_e_s_s _r_d_i_s_t._s_u_n_3._Z. <RETURN>
the _r_d_i_s_t._s_u_n_3._Z is for SUN3 systems, if you have a SUN4 it
will be _r_d_i_s_t._s_u_n_4._Z. The same naming rule is being used on
_r_c_p._s_u_n_3._Z. RRRReeeeppppllllaaaacccceeee tttthhhheeee oooorrrriiiiggggiiiinnnnaaaallll rrrrccccpppp aaaannnndddd rrrrddddiiiisssstttt.... You can
achieve this by: 2.1) TTTTyyyyppppeeee:::: _w_h_e_r_e_i_s _r_c_p <RETURN>
Your computer will return a pathname such as:
/usr/ucb/rcp.
Write down that pathname. 2.2) Do the same for "rdist".
TTTTyyyyppppeeee:::: _w_h_e_r_e_i_s _r_d_i_s_t <RETURN> 2.3) TTTTyyyyppppeeee:::: _c_p "_r_c_p-_p_a_t_h_n_a_m_e"
"_r_c_p-_p_a_t_h_n_a_m_e._o_r_i_g" <RETURN>
(where "rcp-pathname" is the pathname from step 2.1
above.)
TTTTyyyyppppeeee:::: _c_p "_r_d_i_s_t-_p_a_t_h_n_a_m_e" "_r_d_i_s_t-_p_a_t_h_n_a_m_e._o_r_i_g" <RETURN>
(where "rdist-pathname" is the pathname from step 2.2
above.)
TTTTyyyyppppeeee:::: _c_p _r_c_p._s_u_n_3 "_r_c_p-_p_a_t_h_n_a_m_e" <_R_E_T_U_R_N>
TTTTyyyyppppeeee:::: _c_p _r_d_i_s_t._s_u_n_3 "_r_c_p-_p_a_t_h_n_a_m_e" <RETURN> You can now
test these utilities. If you cannot connect to either
uunet.uu.net or lll-crg.llnl.gov via the network or need
further assistance, please contact:
Ana Maria De Alvare'
anamaria@lll-lcc.llnl.gov
(415) 422-7007 or (FTS) 532-7007
or send e-mail to:
ciac@tiger.llnl.gov
June 12, 1996
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed