Patch-ID# 106647-03
Keywords: security rpc.pcnfsd uid root access dot printer name hang core dump
Synopsis: SNC 3.2: rpc.pcnfsd has security problem, also hangs and dumps core
Date: Dec/09/99

Solaris Release: 2.4_x86 2.5_x86 2.5.1_x86 2.6_x86 7_x86

SunOS Release: 5.4_x86 5.5_x86 5.5.1_x86 5.6_x86 5.7_x86

Unbundled Product: Solstice Network Client

Unbundled Release: 3.2
 
Xref: This patch available for sparc as patch 106646-03

Topic: SunOS 5.x: Fix for /opt/SUNWpcnfs/sbin/rpc.pcnfsd
 
BugId's fixed with this patch: 4166175 4166105 4119410 4160413 4246594

Changes incorporated in this version: 4119410 4160413 4246594

Relevant Architectures: i386

Patches accumulated and obsoleted by this patch:  

Patches which conflict with this patch: 

Patches required with this patch: 

Obsoleted by: 

Files included with this patch:

/opt/SUNWpcnfs/sbin/rpc.pcnfsd
/opt/SUNWpcnfs/scripts/pcnfs

Problem Description:

4119410 Increase the UID limit to 0x7fffffff to match Solaris 2.x.

4160413 Can not print via PCNFSD from a PCNFSD V1 client.  
        Receive "RPC: procedure unavailable" error.

4246594 rpc.pcnfsd hangs with wrong UID.

none    /etc/init.d/pcnfs script "stop" command doesn't stop daemon.

(from 106647-01)
4166175 Root access could be compromised if rpc.pcnfsd accepts "." as a 
        printer name from an exploit client.

(from 106647-02)
4166105 rpc.pcnfsd appears to hang or dumps core when there are many active 
        SNC print clients.


Patch Installation Instructions: 
-------------------------------- 
Refer to the Install.info file within the patch for instructions on
using the generic 'installpatch' and 'backoutpatch' scripts provided
with each patch.  Any other special or non-generic installation
instructions should be described below.


Special Install Instructions: 
----------------------------- 
All Solstice Network Client 3.2 PC print clients must have patch 106811-04
installed.