Patch-ID# 104358-07 Keywords: security rpcbind configurable listen backlog UDP port denial service Synopsis: SunOS 5.5_x86: /usr/sbin/rpcbind patch Date: Apr/24/2001 Solaris Release: 2.5_x86 SunOS Release: 5.5_x86 Unbundled Product: Unbundled Release: Xref: This patch available for SPARC as patch 104357 Topic: SunOS 5.5_x86: /usr/sbin/rpcbind patch NOTE: Refer to Special Install Instructions Section for IMPORTANT specific information on this patch. Relevant Architectures: i386 BugId's fixed with this patch: 4011058 4045357 4066019 4070261 4073327 4085394 4124715 Changes incorporated in this version: 4124715 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: 103188-37 or greater Obsoleted by: Files included with this patch: /usr/sbin/rpcbind Problem Description: 4124715 Denial of Service in connection oriented Transports. (from 104358-06) 4085394 TCP connections to rpcbind remain established if client is halted. (from 104358-05) 4073327 rpcbind /tmp file security vulnerability (from 104358-04) 4070261 predictable RPC XIDs when forwarding CALLIT RPCs (from 104358-03) 4066019 security bug with indirect calls (from 104358-02) 4045357 rpcbind listens to non-privileged UDP port other than port 111 (from 104358-01) 4011058 rpcbind should have a configurable listen(3N) backlog Patch Installation Instructions: -------------------------------- Refer to the Install.info file within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. Any other special or non-generic installation instructions should be described below. Special Install Instructions: ----------------------------- To get the complete fix for bug 4124715 (DENIAL OF SERVICE IN CONNECTION ORIENTED TRANSPORTS), one also needs to install the following patches: 103188-44 (or newer) libc, libnsl, libucb, nis_cachemgr and rpc.nisd patch 103469-06 (or newer) /usr/lib/nfs/statd patch 105170-03 (or newer) /usr/lib/netsvc/yp/ypbind patch 104224-03 (or newer) /usr/lib/nfs/mountd patch 103709-03 (or newer) /usr/sbin/rpc.nisd_resolv patch 104001-02 (or newer) /usr/sbin/rpc.nispasswdd patch 108648-01 (or newer) /usr/sbin/keyserv patch 108650-01 (or newer) /usr/sbin/rpc.bootparamd patch README -- Last modified date: Tuesday, April 24, 2001