Re: CERT Advisory CA-2001-34 Buffer Overflow in System V Derived Login

From: Scott Howard (scottat_private)
Date: Fri Dec 14 2001 - 11:33:14 PST

  • Next message: Derrick Scholl: "Re: CERT Advisory CA-2001-34 Buffer Overflow in System V Derived Login" 

    On Wed, Dec 12, 2001 at 06:12:36PM -0500, CERT Advisory wrote:
> Sun Microsystems
> 
>    Sun  has  developed  a  fix  and  T-patches are being tested. Official
>    patches  will  be  released  shortly and Sun will issue a Sun Security
>    Bulletin when they are available.

These patches are now available.  The relevant patch numbers are :

    111085-02 SunOS 5.8: /usr/bin/login patch
    111086-02 SunOS 5.8_x86: /usr/bin/login patch
    112300-01 SunOS 5.7:: usr/bin/login Patch
    112301-01 SunOS 5.7_x86:: usr/bin/login Patch
    105665-04 SunOS 5.6: /usr/bin/login patch
    105666-04 SunOS 5.6_x86: /usr/bin/login patch
    106160-02 SunOS 5.5.1: /usr/bin/login patch
    106161-02 SunOS 5.5.1_x86: /usr/bin/login patch

At this stage these no not appear to be free patches (ie, you need a contract
to get to them), although I expect this will change.

  Scott

    This archive was generated by hypermail 2b30 : Fri Dec 14 2001 - 14:44:22 PST