Patch-ID# 111012-01 Keywords: security cu uucp buffer overflow Synopsis: Trusted Solaris 8: Buffer overflow in cu allows uucp uid access Date: Mar/14/2002 Solaris Release: Trusted_Solaris_8 SunOS Release: Unbundled Product: Unbundled Release: Xref: This patch available for x86 as patch 111013 Topic: Trusted Solaris 8: Buffer overflow in cu allows uucp uid access Relevant Architectures: sparc BugId's fixed with this patch: 4411728 Changes incorporated in this version: 4411728 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: /usr/bin/cu Problem Description: 4411728 Buffer overflow in cu allows uucp uid access Patch Installation Instructions: -------------------------------- Refer to the man pages for instructions on using the generic 'patchadd' and 'patchrm' scripts. Any other special or non-generic installation instructions should be described below as special instructions. Special Install Instructions: ----------------------------- Note: The steps below assume the patch file has been placed into the ADMIN_LOW subdirectory of /tmp (/tmp is a MLD) and that the patch file label is configured to ADMIN_LOW. Create a role that contains the Software Installation profile (typically the admin role). The patch file should be owned by this role. Keep in mind, after rebooting, contents in the /tmp directory are removed; if saving the patch tarfile is desired, select another MLD such as /var/tmp. 1) Login as a user authorized to assume a role that contains the Software Installation profile; typically the admin role. Assume that role. 2) cd into /tmp and unzip the patch file. A patch directory will be created by the unzip command. $ cd /tmp $ unzip <123456-01.zip> 3) Install the patch by typing: $ patchadd /tmp/ Special Backout Instructions: ----------------------------- 1) Login as a user authorized to assume a role that contains the Software Installation profile; typically the admin role. Assume that role. 2) Backout patch by typing: patchrm where is the patch number. $ patchrm 123456-01 README -- Last modified date: Thursday, March 14, 2002