SUMMARY: statd patch for Solaris 2.5.1

From: Ho-Sung Song (hsong@sdsosc.co.kr)
Date: Tue Mar 04 1997 - 18:35:30 CST


SMs,

Sorry this is none of your concern, but I think I should anyway summarize
the responses I've got.

The original question of mine is:

---
> Dear SMs,
> 
> One of our corporate security staffs recommends that I should apply patch
> for statd security hole. He suggests some patch number for SunOS 5.4
> (102769-03) and SunOS 5.5(103468-02). By the way, the system I do
> administration is SunOS 5.5.1, and I can't find the patch for the problem
> at http://sunsolve.sun.com. I tried to apply patch for SunOS 5.5 to
> SunOS 5.5.1 machine, but it wasn't applied. Is this problem(statd security
> hole) obsoleted by SunOS 5.5.1, or is there any special reason for Sun
> not to give a patch for SunOS 5.5.1 ? Sorry if this is obvious, but I and
> the guy can't find anywhere that SunOS 5.5.1 is free from this vulnerability.
---

Thanks to responders:

Peter Marelas <maral@phase-one.com.au> Casper Dik <casper@holland.Sun.COM "Matthew Stier" <mstier@hotmail.com>

Mr. Dik's answer seems to be correct.

--- > The statd fix was incorporated in Soalris 2.5.1. > > Casper ---

Mr. Stier pointed a patch(104166-01) which I can't find in the public patch access area. After Mr. Stier sent me the patch description, I found 104166-01 doesn't deal with the security vulnerability.

Thank you again. _________________________________________________________________________ Song, Ho-Sung | e-mail : hsong@sdsosc.co.kr Systems Engineer, OSC ITRC | Voice : +82-2-360-6343 Samsung Data Systems Co. Ltd. | Fax : +82-2-360-6276



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:11:47 CDT