[27289] in bugtraq
Re: Solaris 2.6, 7, 8
daemon@ATHENA.MIT.EDU (Gert-Jan Hagenaars)
Thu Oct 3 22:28:07 2002
Date: Wed, 2 Oct 2002 16:52:09 -0400
From: Gert-Jan Hagenaars <bugtraq@hagenaars.com>
To: bugtraq@securityfocus.com
Message-ID: <20021002205209.GA24846@hagenaars.com>
Mail-Followup-To: Gert-Jan Hagenaars <bugtraq@hagenaars.com>,
bugtraq@securityfocus.com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <Pine.LNX.4.43.0210021134540.12460-100000@mail.securityfocus.com>
Apparently, Dave Ahmad wrote:
%
% These may be fixes for this vulnerablity, however they apply to telnetd
% and this vulnerability has to be in login.
So it makes more sense to apply the right patches to login, and not
patches to telnetd. If you only want to install the necessary patches
to plug this specific hole, very quickly, use these:
solaris 8 login fix: 111085-02
solaris 7 login fix: 112300-01
solaris 2.6 login fix: 105665-04
solaris 2.5.1 login fix: 106160-02
use patchadd. A reboot is not necessary.
During your normal maintenance window you should install the rest of the
recommended patches.
CHeers,
Gert-Jan.
--
+++++++++++++ -------- +++++ --- ++ - +0+ + ++ +++ +++++ ++++++++ +++++++++++++
sed '/^[when][coders]/!d G.J.W. Hagenaars -- gj at hagenaars dot com
/^...[discover].$/d Remembering Mike Carty 1968-1994
/^..[real].[code]$/!d UltrixIrixAIXHPUXSunOSLinuxBSD, nothing but nix
' /usr/dict/words I'm Dutch, what's _your_ excuse?
