>Several exploits for rpc.cmsd seems to be floating around. This >vulnerability is being actively exploited. The vulnerability >is known to exist at least in Solaris 7, possibly in earlier >versions. > >Sun patch 107022-02 does not fix the vulnerability. Sun >has been informed and they are working on a patch. Should be >fixed in 107022-03. The following patches have now been released: 107022-03 CDE 1.3 (Solaris 7/SPARC) 107023-03 CDE 1.3_x86 (Solaris 7/x86) 105567-08 CDE 1.2_x86 (Solaris 2.6) 104976-04 OW 3.5.1 (Solaris 2.5.1) 105124-03 OW 3.5.1_x86 (Solaris 2.5.1_x86) 103251-09 OW 3.5 (Solaris 2.5) 103273-07 OW 3.5_x86 (Solaris 2.5_x86) 101513-14 OW 3.3 (Solaris 2.3) 100523-25 OW 3.0 (SunOS 4.1.3/4.1.3C/4.1.3_U1/4.1.4) Already released was (one week ago): 105566-08 CDE 1.2 (Solaris 2.6/SPARC) Casper
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:52:09 PDT