Patch-ID# 111590-03 Keywords: security rpc.yppasswdd remote root access buffer overflow Synopsis: SunOS 5.7: rpc.yppasswdd Patch Date: Feb/28/2003 Install Requirements: None Solaris Release: 7 SunOS Release: 5.7 Unbundled Product: Unbundled Release: Xref: This patch available for x86 as patch 111591 Topic: SunOS 5.7: rpc.yppasswdd Patch Relevant Architectures: sparc BugId's fixed with this patch: 4283355 4392250 4456994 4466065 Changes incorporated in this version: 4283355 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: 107285-05 or greater Obsoleted by: Files included with this patch: /usr/lib/netsvc/yp/rpc.yppasswdd Problem Description: 4283355 rpc.yppasswdd temporarily removes passwd source file resulting in exit (from 111590-02) 4392250 "passwd -r nis -e user" causes rpc.yppasswdd down. 4466065 regression error introduced during the putback (from 111590-01) 4456994 rpc.yppasswdd contains a buffer overflow Patch Installation Instructions: -------------------------------- For Solaris 2.0-2.6 releases, refer to the Install.info file and/or the README within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. For Solaris 7-9 releases, refer to the man pages for instructions on using 'patchadd' and 'patchrm' scripts provided with Solaris. Any other special or non-generic installation instructions should be described below as special instructions. The following example installs a patch to a standalone machine: example# patchadd /var/spool/patch/104945-02 The following example removes a patch from a standalone system: example# patchrm 104945-02 For additional examples please see the appropriate man pages. Special Install Instructions: ----------------------------- Reboot system after patch installation. Note: This patch requires the installation of patch 107285-05. Together, these patches will give the complete fix for bugID# 4392250. README -- Last modified date: Friday, February 28, 2003