Patch-ID# 105170-04 Keywords: security ypbind rpcbind denial service Synopsis: SunOS 5.5_x86: /usr/lib/netsvc/yp/ypbind patch Date: Jun/19/2001 Solaris Release: 2.5_x86 SunOS Release: 5.5_x86 Unbundled Product: Unbundled Release: Xref: This patch available for SPARC as patch 105169 Topic: SunOS 5.5_x86: /usr/lib/netsvc/yp/ypbind patch NOTE: Refer to Special Install Instructions Section for IMPORTANT specific information on this patch. Relevant Architectures: i386 BugId's fixed with this patch: 1225430 4080264 4124715 4362647 Changes incorporated in this version: 4362647 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: usr/lib/netsvc/yp/ypbind Problem Description: 4362647 ypbind has a remotely exploitable buffer overflow allowing root privileges (from 105170-03) 4124715 Denial of Service in connection oriented Transports. (from 105170-02) 4080264 ypbind.pid file not created for diskless clients (from 105170-01) 1225430 ypbind can get requests before it is ready for them Patch Installation Instructions: -------------------------------- Refer to the Install.info file within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. Any other special or non-generic installation instructions should be described below. Special Install Instructions: ----------------------------- NOTE1: To get the complete fix for bugid 1225430 (ypbind can get requests before it is ready for them), one also needs to install the libnsl patch (103188-29 or newer). NOTE2: To get the complete fix for bugid 4080264 (ypbind.pid file not created for diskless clients), one also needs to install the libnsl patch (103188-31 or newer). NOTE3: To get the complete fix for bug 4124715 (Denial of Service in connection oriented Transports), one also needs to install the following patches: 103188-44 (or newer) libc, libnsl, libucb, nis_cachemgr and rpc.nisd patch 103469-06 (or newer) /usr/lib/nfs/statd patch 104224-03 (or newer) /usr/lib/nfs/mountd patch 104358-07 (or newer) /usr/sbin/rpcbind patch 103709-03 (or newer) /usr/sbin/rpc.nisd_resolv patch 104001-02 (or newer) /usr/sbin/rpc.nispasswdd patch 108648-01 (or newer) /usr/sbin/keyserv patch 108650-01 (or newer) /usr/sbin/rpc.bootparamd patch README -- Last modified date: Tuesday, June 19, 2001