Patch-ID# 111400-02 Keywords: security kcms -p printer Synopsis: SunOS 5.8: KCMS configure tool has a security vulnerability Date: Jan/28/2004 Install Requirements: Reboot after installation Solaris Release: 8 SunOS Release: 5.8 Unbundled Product: Unbundled Release: Xref: This patch available for x86 as patch 111401 Topic: Relevant Architectures: sparc sun4u BugId's fixed with this patch: 4415570 4774256 Changes incorporated in this version: 4774256 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: /usr/openwin/bin/sparcv9/kcms_configure /usr/openwin/demo/kcms/sparcv9/print_attributes /usr/openwin/demo/kcms/sparcv9/print_header /usr/openwin/demo/kcms/sparcv9/print_montbls /usr/openwin/lib/sparcv9/libkcs.so.1 /usr/openwin/share/etc/devhandlers/sparcv9/kcsEKPfmticc30.so.2 /usr/openwin/share/etc/devhandlers/sparcv9/kcsEKProfkcms.so.2 /usr/openwin/share/etc/devhandlers/sparcv9/kcsEKXfrmucp.so.2 /usr/openwin/share/etc/devhandlers/sparcv9/kcsSUNWIOsolf.so.2 /usr/openwin/share/etc/devhandlers/sparcv9/kcsSUNWIOxwin.so.2 /usr/openwin/share/etc/devhandlers/sparcv9/kcsSUNWStatsolm.so.2 /usr/openwin/share/etc/gpiutils/sparcv9/libkcms_sys.so.2 /usr/openwin/share/etc/gpiutils/sparcv9/libkpcp.so.2 /usr/openwin/share/etc/gpiutils/sparcv9/libstdprof.so.2 /usr/openwin/bin/sparcv9/kcms_server /usr/openwin/bin/kcms_calibrate /usr/openwin/bin/kcms_configure /usr/openwin/bin/kcms_server /usr/openwin/demo/kcms/README /usr/openwin/demo/kcms/Resource /usr/openwin/demo/kcms/kcms_photocd /usr/openwin/demo/kcms/kcmstest_tiff /usr/openwin/demo/kcms/pcdviewer /usr/openwin/demo/kcms/print_attributes /usr/openwin/demo/kcms/print_header /usr/openwin/demo/kcms/print_montbls /usr/openwin/demo/kcms/profile_demo /usr/openwin/demo/kcms/runpcdviewer /usr/openwin/share/etc/OWconfig_entries /usr/openwin/share/etc/devhandlers/kcmscSUNWcolorsense.so.1 /usr/openwin/share/etc/devhandlers/kcmscSUNWgamma.so.1 /usr/openwin/share/etc/devhandlers/kcmscSUNWxrite_dtp92.so.1 /usr/openwin/share/etc/devhandlers/kcsEKPfmticc30.so.2 /usr/openwin/share/etc/devhandlers/kcsEKProfkcms.so.2 /usr/openwin/share/etc/devhandlers/kcsEKXfrmucp.so.2 /usr/openwin/share/etc/devhandlers/kcsSUNWIOsolf.so.2 /usr/openwin/share/etc/devhandlers/kcsSUNWIOxwin.so.2 /usr/openwin/share/etc/devhandlers/kcsSUNWStatsolm.so.2 /usr/openwin/share/etc/gpiutils/libkcms_sys.so.2 /usr/openwin/share/etc/gpiutils/libkpcp.so.2 /usr/openwin/share/etc/gpiutils/libstdprof.so.2 /usr/openwin/share/etc/gpiutils/libtu_runtime.so.1 /usr/openwin/lib/libkcs.so.1 Problem Description: 4774256 Security issue with kcms_server daemon. (from 111400-01) 4415570 kcms_configure has yet another security problem. Patch Installation Instructions: -------------------------------- For Solaris 2.0-2.6 releases, refer to the Install.info file and/or the README within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. For Solaris 7-8 releases, refer to the man pages for instructions on using 'patchadd' and 'patchrm' scripts provided with Solaris. Any other special or non-generic installation instructions should be described below as special instructions. The following example installs a patch to a standalone machine: example# patchadd /var/spool/patch/104945-02 The following example removes a patch from a standalone system: example# patchrm 104945-02 For additional examples please see the appropriate man pages. Special Install Instructions: ----------------------------- None. README -- Last modified date: Wednesday, January 28, 2004