[4778] in bugtraq
Re: Getpwnam bus error.. is this patched?
daemon@ATHENA.MIT.EDU (Casper Dik)
Tue Jun 24 11:23:00 1997
Date: Tue, 24 Jun 1997 09:56:44 +0200
Reply-To: Casper Dik <casper@HOLLAND.SUN.COM>
From: Casper Dik <casper@HOLLAND.SUN.COM>
X-To: Charles Howes <croot@ICS.BC.CA>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Your message of "Mon, 23 Jun 1997 18:04:19 PDT."
<Pine.GSO.3.96.970623180147.24247A-100000@cheddar.ics.bc.ca>
>I'm a little behind in the patches. This program dies on Solaris 2.5;
>is this already patched, or is it news that getpwnam() has an
>overflowable buffer?
Old news (similar patches exist for 2.5 and for x86 2.5 & 2.5.1)
Patch-ID# 103612-23
Keywords: security libc memory su getdate NIS+ libnsl nis_cachemgr rpc.nisd NIS+
Synopsis: SunOS 5.5.1: libc, libnsl, nis_cachemgr and rpc.nisd patch
Date: Apr/21/97
.....
(from 103612-06)
1262666 nscd client backend, getxby_door, has buffer overflows
Note that the libc patches fix several more security problems.
Casper
