Patch-ID# 113273-10
Keywords: security sshd sftp-server integer overflow pam keyboard interactive
Synopsis: SunOS 5.9: /usr/lib/ssh/sshd Patch
Date: Oct/22/2004

Install Requirements: Install in Single User Mode
                      Reconfigure immediately after patch is installed

Solaris Release: 9

SunOS Release: 5.9

Unbundled Product:

Unbundled Release:

Xref: This patch available for x86 as patch 114858

Topic: SunOS 5.9: /usr/lib/ssh/sshd Patch

Relevant Architectures: sparc

BugId's fixed with this patch: 4708590 4718590 4725702 4801044 4860120 4895076 4923312 4939055 5006469 5039669 5048145 5055703 5060548 5087792

Changes incorporated in this version: 5087792

Patches accumulated and obsoleted by this patch:

Patches which conflict with this patch:

Patches required with this patch:

Obsoleted by:

Files included with this patch:

/usr/lib/ssh/sftp-server
/usr/lib/ssh/sshd

Problem Description:

5087792 patch 113273-08 breaks who and last from populating ip/hostname

(from 113273-09)

5039669 S9 ssh -L portforwarding tunnel does not persist

(from 113273-08)

5048145 Race relating to SIGCHLD in sshd results in ssh hanging
5055703 sshd fails to set PAM_RHOST correctly during authentication
5060548 scp/ssh to Solaris 9 sshd daemon arbitrarily returns success or failure

(from 113273-07)

5006469 sshd is not calling pam_close_session() when exiting

(from 113273-06)

4939055 ssh does not return standard errors

(from 113273-05)

4718590 sshd doesn't do proper check when changing expired passwords
4895076 ssh does not allow logins after password expiration when using pk authentication
4725702 sshd fails to report remote address when listening to IPv4 only

(from 113273-04)

4923312 Possible root exploit in ssh

(from 113273-03)

4860120 ssh echoes back "Kerberos authentication failed: password incorrect"

(from 113273-02)

4801044 sshd writes incorrect audit session ID for logout events

(from 113273-01)

4708590 sshd(1m) vulnerable to integer overflow in PAM keyboard interactive code

Patch Installation Instructions:
--------------------------------

For Solaris 2.0-2.6 releases, refer to the Install.info file and/or
the README within the patch for instructions on using the generic
'installpatch' and 'backoutpatch' scripts provided with each patch.

For Solaris 7-9 releases, refer to the man pages for instructions
on using 'patchadd' and 'patchrm' scripts provided with Solaris.
Any other special or non-generic installation instructions should be
described below as special instructions.

The following example installs a patch to a standalone machine:

       example# patchadd /var/spool/patch/104945-02

The following example removes a patch from a standalone system:

       example# patchrm 104945-02

For additional examples please see the appropriate man pages.

Special Install Instructions:
-----------------------------

NOTE 1: Please reboot your system after the installation of this patch.

NOTE 2: To get the complete fix for the bug 4939055, please install
        114356-03 (or newer)

README -- Last modified date: Friday, October 22, 2004