Patch-ID# 104167-05 Keywords: security statd NUM_PROC_FDS buffer overflow root automountd daemon Synopsis: SunOS 5.5.1_x86: /usr/lib/nfs/statd patch Date: Jun/19/2001 Solaris Release: 2.5.1_x86 SunOS Release: 5.5.1_x86 Unbundled Product: Unbundled Release: Xref: This patch available for SPARC as patch 104166 Topic: SunOS 5.5.1_x86: /usr/lib/nfs/statd patch Relevant Architectures: i386 BugId's fixed with this patch: 1196526 1255547 4034187 4124715 4159085 Changes incorporated in this version: 4124715 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: 104655-05 or greater Obsoleted by: Files included with this patch: /usr/lib/nfs/statd Problem Description: 4124715 Denial of Service in connection oriented Transports. (from 104167-04) 4159085 statd allows indirect RPC calls (from 104167-03) 1255547 lock manager can consume much kernel memory waiting for statd (from 104167-02) 4034187 buffer overflow in statd allows root attack (from 104167-01) 1196526 statd/rpc.c's definition of NUM_PROC_FDS is too small, it can cause create to fail Patch Installation Instructions: -------------------------------- Refer to the Install.info file within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. Any other special or non-generic installation instructions should be described below. Special Install Instructions: ----------------------------- NOTE : To get the complete fix for bug 4124715 (Denial of Service in connection oriented Transports) we recommend installation of the following patches (or newer): 103641-33 (libnsl & rpc.nisd) 103996-02 (/usr/sbin/rpc.nispasswdd) 108929-01 (/usr/sbin/rpc.bootparamd) 103687-03 (/usr/sbin/rpc.nisd_resolv) 104332-08 (/usr/sbin/rpcbind) 105134-02 (/usr/sbin/keyserv) 105166-03 (ypbind) 104221-04 (/usr/lib/nfs/mountd) README -- Last modified date: Tuesday, June 19, 2001