Patch-ID# 110061-14 Keywords: security login.krb5 chdir ftpd telnetd rshd krb5kdc role kerberos Synopsis: SEAM 1.0.1_x86: patch for Solaris 8_x86 Date: Nov/05/2003 Install Requirements: Additional instructions may be listed below Solaris Release: 8_x86 SunOS Release: 5.8_x86 Unbundled Product: Solaris Enterprise Authentication Mechanism Unbundled Release: 1.0.1 Xref: This patch available for SPARC as patch 110060 Topic: Relevant Architectures: i386 BugId's fixed with this patch: 4310410 4310415 4310420 4311749 4313926 4338622 4346120 4346410 4348078 4390628 4418644 4451327 4484541 4491825 4493059 4509090 4524845 4615238 4632646 4634657 4806989 4836676 Changes incorporated in this version: 4836676 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: /usr/krb5/bin/ftp /usr/krb5/bin/telnet /usr/krb5/lib/ftpd /usr/krb5/lib/krb5kdc /usr/krb5/lib/libkadm5srv.so /usr/krb5/lib/libkadm5srv.so.1 /usr/krb5/lib/libpty.so /usr/krb5/lib/libpty.so.1 /usr/krb5/lib/login.krb5 /usr/krb5/lib/rlogind /usr/krb5/lib/rshd /usr/krb5/lib/telnetd /usr/krb5/sbin/kdb5_util Problem Description: 4836676 Bounds checks not in place for princs in krbv5 (from 110061-13) 4806989 Kerberized telnet client does not handle "mode character" correctly. (from 110061-12) 4524845 Forwardable flags are not set when telneting from a non-kerberos to a kerberos 4632646 kerberos telnetd uses login.krb5 which does not honor /etc/default/login 4390628 login.krb5 doesn't call PAM API in the correct order 4634657 login.krb5 coredumped (from 110061-11) 4338622 BUFFER OVERRUN VULNERABILITIES IN KERBEROS (SEAM) 4509090 SEAM telnetd gives away if a user exists or not (from 110061-10) 4615238 login.krb5 contains buffer overflow (from 110061-09) 4313926 kerberos rlogin/rsh/telnet/ftp sessions not audited (from 110061-08) 4491825 ktelnet security problem when used with Solaris 8 (from 110061-07) This revision to fix omission of updated ftpd/telnetd in revision -04. (from 110061-06) Skipped for revision number alignment. (from 110061-05) Skipped for revision number alignment. (from 110061-04) 4484541 krbv5 telnetd vulnerable to buffer overflows 4493059 4310420 fix needs some more work (from 110061-03) 4418644 ftp server does not conform with rfc 2228 4451327 krb5 ftpd vulnerable to buffer overflows 4311749 SEAM 1.0 telnet core dumping when the KDC is Win2000 FCS. (from 110061-02) 4346410 Kerberos 5 telnetd creates many useless utmpx files 4348078 /var/krb5/kdc.log and /var/krb5/kadmin.log has permissions 0644 4346120 rlogin using kerberos takes too long (from 110061-01) 4310415 kerberized rshd fails with non-root-accessible home directories 4310420 kerberized ftpd fails to chdir to non-root-accessible home directories 4310410 login.krb5 chdir to non-root-accessible home directories fails for rlogin/telnet Patch Installation Instructions: -------------------------------- For Solaris 2.0-2.6 releases, refer to the Install.info file and/or the README within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. For Solaris 7-8 releases, refer to the man pages for instructions on using 'patchadd' and 'patchrm' scripts provided with Solaris. Any other special or non-generic installation instructions should be described below as special instructions. The following example installs a patch to a standalone machine: example# patchadd /var/spool/patch/104945-02 The following example removes a patch from a standalone system: example# patchrm 104945-02 For additional examples please see the appropriate man pages. Special Install Instructions: ----------------------------- For Bug ID 4836676, the complete fix requires patch 112238-08 or newer. Although patches 110061-14 and 112238-08 do not require/depend on each other, the complete resolution for the bug requires both. README -- Last modified date: Wednesday, November 5, 2003