exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New


Posted Mar 27, 1994


SHA-256 | 6e95dd9b67e3b59269c8c13ffe087331ec1387b6a345d6a5c5698e9c566397a6


Change Mirror Download


In this bulletin Sun announces the availability of several new
security patches for SunOS 4.1.x systems. Also, we alert our
customers to the increased importance of installing a previously
announced patch.

I. Announcement of patches for "/etc/utmp" vulnerability

II. Reminder about existing rdist patch

III. Table of patches

IV. How to obtain Sun security patches

V. How to report or inquire about Sun security problems

VI. How to obtain Sun security bulletins

/\ Send Replies or Inquiries To:
\\ \
\ \\ / Mark Graff
/ \/ / / Sun Security Coordinator
/ / \//\ MS MPK2-04
\//\ / / 2550 Garcia Avenue
/ / /\ / Mountain View, CA 94043-1100
/ \\ \ Phone: 415-688-9081
\ \\ Fax: 415-688-9101
\/ E-mail: security-alert@Sun.COM


Permission is granted for the redistribution of this Bulletin for
the purpose of alerting Sun customers to problems, as long as the
Bulletin is not edited and is attributed to Sun Microsystems.

Any other use of this information without the express written consent
of Sun Microsystems is prohibited. Sun Microsystems expressly disclaims
all liability for any misuse of this information by any third party.


I. Announcement of patches for "/etc/utmp" vulnerability

SunOS 4.1.x systems have been found to be vulnerable to an attack
on the /etc/utmp file. The manipulation of this file, which on
SunOS 4.1.x systems is world-writable, can result in unauthorized root
access for the attacker. We are releasing today patches to several
utilities which close that security hole, identified as bug 1140162.

If the new patches are installed, no other changes--such as making
the /etc/utmp file not world-writable--are necessary to close the
security hole. We recommend that all of the patches be installed.

Solaris 2.x systems, including Solaris x86 systems, are not
susceptible to this attack. SunOS 4.1.3_U1 (Solaris 1.1.1) systems
are also not susceptible. The patches were integrated into
that system before it was released.

II. Reminder about existing rdist patch

Last week, two scripts were published in various Usenet newsgroups
which exploit vulnerabilities in rdist. Sun customers can protect
their sites from attacks based on these scripts by installing, if
they have not already done so, our previously released rdist patch.
The most recent version is 100383-06.

This patch is required for all SunOS 4.1.x systems except the
recently-released 4.1.3_U1 (Solaris 1.1.1). An earlier version of
the patch, 100383-05, was integrated into that version of the
operating system. That earlier patch also contains the fixes needed
to defeat the published scripts.

III. Table of patches

The patches discussed in this bulletin pertain to rdist and six
other utility programs: dump, in.comsat, in.talkd, shutdown,
syslogd, and write. Each patch is distributed as a compressed tar
file containing versions of the patched program for every supported
platform. In the case of rdist that includes combinations for which
Sun no longer issues patches.

The rdist patch, 100383-06, was issued for the sun3 and sun4
architectures and the 4.0.3, 4.1, 4.1.1, 4.1.2, and 4.1.3 versions
of the operating system. Eight patch combinations are represented.
The sun4 version of the patch can be used on all sun4, sun4c,
and sun4m systems.

The patches to the other utilities cover the sun3, sun3x, sun4,
sun4c, and sun4m architectures. The OS versions covered by the
patches are 4.1.1, 4.1.2, and 4.1.3. Ten patch combinations are
available in the patch file for each of the six utilities.

In the table below we show patch numbers and file names for each of
the seven compressed tar files. In the following table we show the
BSD and SVR4 checksums. We have also included MD5 digital signatures.

Program Patch ID Patch File Name
------- --------- ---------------
rdist 100383-06 100383-06.tar.Z
dump 100593-03 100593-03.tar.Z
in.comsat 100272-07 100272-07.tar.Z
in.talkd 101480-01 101480-01.tar.Z
shutdown 101481-01 101481-01.tar.Z
syslogd 100909-02 100909-02.tar.Z
write 101482-01 101482-01.tar.Z

Program BSD SVR4 MD5 Digital Signature
Checksum Checksum
------- --------- --------- --------------------------------
rdist 58984 121 9125 241 F8F78DDAB19AF5EFABB9BD66FC8F5C1A
dump 52095 242 41650 484 CDBA530226E8735FAE2BD9BCBFA47DD0
in.comsat 26553 39 64651 78 912FF4A0CC8D16A10EECBD7BE102D45C
in.talkd 47917 44 32598 88 5C3DFD6F90F739100CFA4AA4C97F01DF
shutdown 46562 80 56079 159 BFC257EC795D05646FFA733D1C03855B
syslogd 61539 108 38239 216 B5F70772384A3E58678C9C1F52D81190
write 61148 41 48636 81 F93276529AA9FC25B35679EBF00B2D6F

The checksums shown above are from the BSD-based checksum
(on 4.1.x, /bin/sum; on Solaris 2.x, /usr/ucb/sum) and from
the SVR4 version on Solaris 2.x (/usr/bin/sum).

IV. How to obtain Sun security patches

A. If you have a support contract

Customers with Sun support contracts can obtain the patches listed
here--and all other Sun security patches--from:

- Local Sun answer centers, worldwide
- SunSolve Online

Please refer to the bug ID and patch ID when requesting patches
from Sun answer centers.

You should also contact your answer center if you have a support
contract and:

- You need assistance in installing a patch
- You need additional patches
- You want an existing patch ported to another platform
- You believe you have encountered a bug in a Sun patch
- You want to know if a patch exists, or when one will be ready

B. If you do not have a support contract

Sun also makes its security patches available to customers who do
not have a support contract, via anonymous ftp:

- In the US, from /systems/sun/sun-dist on ftp.uu.net
- In Europe, from ~ftp/sun/fixes on ftp.eu.net

Patches announced in a Sun security bulletin are uploaded to these
two sites just before the bulletin is released, and seldom updated.
In contrast, the "supported" patch databases are refreshed nightly,
and will often contain newer versions of a patch, incorporating
changes which are not security-related.

V. How to report or inquire about Sun security problems

If you discover a security problem with Sun software or wish to
inquire about a possible problem, contact one or more of the

- Your local Sun answer centers
- Your representative computer security response team, such as CERT
- This office. Address postal mail to:

Sun Security Coordinator
MS MPK2-04
2550 Garcia Avenue Mountain
View, CA 94043-1100

Phone: 415-688-9081
Fax: 415-688-9101
E-mail: security-alert@Sun.COM

We strongly recommend that you report problems to your local Answer
Center. In some cases they will accept a report of a security bug
even if you do not have a support contract. An additional notification
to the security-alert alias is suggested but should not be used as your
primary vehicle for reporting a bug.

VI. How to obtain Sun security bulletins

A. Subscription information

Sun Security Bulletins are available free of charge as part of
our Customer Warning System. It is not necessary to have a Sun
support contract in order to receive them.

To subscribe to this bulletin series, send mail to the address
"security-alert@Sun.COM" with the subject "subscribe CWS
[mail-address]" and a message body containing affiliation and contact
information. To request that your name be removed from the mailing
list, send mail to the same address with the subject "unsubscribe CWS
[mail-address]". Do not include other requests or reports in a
subscription message.

Due to the volume of subscription requests we receive, we cannot
guarantee to acknowledge requests. Please contact this office if
you wish to verify that your subscription request was received, or
if you would like your bulletin delivered via postal mail or fax.

B. Obtaining old bulletins

Recent bulletins (#119 and later) are archived on ftp.uu.net, in the
same directory as the patches. Many earlier bulletins are available
from SunSolve. Please try these sources first before contacting this
office for old bulletins.

Login or Register to add favorites

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By