Re: Exploit of rpc.cmsd

From: Casper Dik (casperat_private)
Date: Thu Jul 15 1999 - 14:58:04 PDT

Next message: Mike Perry: "Re: Shared memory DoS's (Redhat retraction)"

Previous message: Steve Jackson: "Bug in Axent 5.0"
Maybe in reply to: Bob Todd: "Exploit of rpc.cmsd"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>(What about Solaris 2.4?)

Both CDE 1.0.1/1.0.2  (which have seperate rpc.cmsd binaries; these
were merged in later releases) and Solaris 2.4 patches will be released
at a later date.

>Be aware that when these patches[*] are applied, the existing rpc.cmsd
>process (if one exists) seems to be killed in a *prepatch* script--that
>is, *before* the programs are updated.

Thanks for noticing this; I've notified the persons responsible for
this patch; it will be addressed in a future release.

>I couldn't begin to speculate about why Sun didn't make this a postpatch
>script rather than a prepatch script.

Neither could I; it's a mistake.


Casper

Next message: Mike Perry: "Re: Shared memory DoS's (Redhat retraction)"
Previous message: Steve Jackson: "Bug in Axent 5.0"
Maybe in reply to: Bob Todd: "Exploit of rpc.cmsd"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:52:28 PDT