Re: Solaris 2.6, 7, 8

From: Gert-Jan Hagenaars (bugtraqat_private)
Date: Wed Oct 02 2002 - 13:52:09 PDT

Next message: David Endler: "iDEFENSE Security Advisory 10.03.2002: Apache 1.3.x shared memory scoreboard vulnerabilities"

Previous message: sullo: "Re: [VulnDiscuss] XSS bug in Compaq Insight Manager Http server"
In reply to: Dave Ahmad: "Re: Solaris 2.6, 7, 8"
Next in thread: Sinan Eren: "RE: Solaris 2.6, 7, 8"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Apparently, Dave Ahmad wrote:
% 
% These may be fixes for this vulnerablity, however they apply to telnetd
% and this vulnerability has to be in login.

So it makes more sense to apply the right patches to login, and not
patches to telnetd.  If you only want to install the necessary patches
to plug this specific hole, very quickly, use these:

solaris 8 login fix: 111085-02
solaris 7 login fix: 112300-01
solaris 2.6 login fix: 105665-04
solaris 2.5.1 login fix: 106160-02

use patchadd.  A reboot is not necessary.

During your normal maintenance window you should install the rest of the
recommended patches.

CHeers,
Gert-Jan.

-- 
+++++++++++++ -------- +++++ --- ++ - +0+ + ++ +++ +++++ ++++++++ +++++++++++++
sed '/^[when][coders]/!d         G.J.W. Hagenaars -- gj at hagenaars dot com
    /^...[discover].$/d          Remembering Mike Carty 1968-1994
   /^..[real].[code]$/!d         UltrixIrixAIXHPUXSunOSLinuxBSD, nothing but nix
' /usr/dict/words                I'm Dutch, what's _your_ excuse?

Next message: David Endler: "iDEFENSE Security Advisory 10.03.2002: Apache 1.3.x shared memory scoreboard vulnerabilities"
Previous message: sullo: "Re: [VulnDiscuss] XSS bug in Compaq Insight Manager Http server"
In reply to: Dave Ahmad: "Re: Solaris 2.6, 7, 8"
Next in thread: Sinan Eren: "RE: Solaris 2.6, 7, 8"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Oct 03 2002 - 19:32:25 PDT