Patch-ID# 112537-05
Keywords: security kerberos mech_krb5.so.1 kmech_krb5 gss mech
Synopsis: SEAM 1.0: Patch for Solaris 7_x86
Date: Sep/02/2004

Install Requirements: None

Solaris Release: 7_x86

SunOS Release: 5.7_x86

Unbundled Product: Solaris Enterprise Authentication Mechanism

Unbundled Release: 1.0

Xref: This patch available for SPARC as patch 112536

Topic:

Relevant Architectures: i386

BugId's fixed with this patch: 4338622 4691352 4836676 5055875

Changes incorporated in this version: 5055875

Patches accumulated and obsoleted by this patch:

Patches which conflict with this patch:

Patches required with this patch:

Obsoleted by:

Files included with this patch:

/kernel/misc/kgss/do_kmech_krb5
/kernel/misc/kgss/gl_kmech_krb5
/usr/lib/gss/do/mech_krb5.so
/usr/lib/gss/do/mech_krb5.so.1
/usr/lib/gss/gl/mech_krb5.so
/usr/lib/gss/gl/mech_krb5.so.1

Problem Description:

5055875 buffer overflow in (undocumented) auth_to_local rules

(from 112537-04)

4836676 Bounds checks not in place for princs in krbv5

(from 112537-03)

4691352 Multiple Kerberos vulnerabilities need to be fixed (rework)

(from 112537-02)

4691352 Multiple Kerberos vulnerabilities need to be fixed

(from 112537-01)

4338622 BUFFER OVERRUN VULNERABILITIES IN KERBEROS (SEAM)

Patch Installation Instructions:
--------------------------------

For Solaris 2.0-2.6 releases, refer to the Install.info file and/or
the README within the patch for instructions on using the generic
'installpatch' and 'backoutpatch' scripts provided with each patch.

For Solaris 7-8 releases, refer to the man pages for instructions
on using 'patchadd' and 'patchrm' scripts provided with Solaris.
Any other special or non-generic installation instructions should be
described below as special instructions.

The following example installs a patch to a standalone machine:

       example# patchadd /var/spool/patch/104945-02

The following example removes a patch from a standalone system:

       example# patchrm 104945-02

For additional examples please see the appropriate man pages.

Special Install Instructions:
-----------------------------

For Bug ID 4338622, the complete fix requires patch 110058-05 or newer.
Although patches 112537-01 and 110058-05 do not require/depend on each
other, the complete resolution for the bug requires both.

For Bug ID 4836676, the complete fix requires patch 110058-07 or newer.
Although patches 112537-04 and 110058-07 do not require/depend on each
other, the complete resolution for the bug requires both.

README -- Last modified date: Thursday, September 2, 2004