OBSOLETE Patch-ID# 102070-06 Keywords: security portmapper configurable listen backlog UDP port Synopsis: Obsoleted by: 102070-07 SunOS 5.4: usr/sbin/rpcbind patch Date: Mar/20/1998 Solaris Release: 2.4 SunOS Release: 5.4 Unbundled Product: Unbundled Release: Xref: This patch available for x86 as patch 102071 Topic: SunOS 5.4: usr/sbin/rpcbind patch Relevant Architectures: sparc BugId's fixed with this patch: 1167600 4011058 4045357 4066019 4070261 4073327 Changes incorporated in this version: 4073327 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: /usr/sbin/rpcbind Problem Description: 4073327 rpcbind /tmp file security vulnerability (from 102070-05) 4070261 predictable RPC XIDs when forwarding CALLIT RPCs (from 102070-04) 4066019 security bug with indirect calls (from 102070-03) 4045357 rpcbind listens to non-privileged UDP port other than port 111 (from 102070-02) 4011058 rpcbind should have a configurable listen(3N) backlog (from 102070-01) 1167600 portmapper security hole has re-appeared in 5.4 This fix closes some holes in rpcbind/portmapper that affected system security. Patch Installation Instructions: -------------------------------- Refer to the Install.info file within the patch for instructions on using the generic ''installpatch'' and ''backoutpatch'' scripts provided with each patch. Any other special or non-generic installation instructions should be described below. Special Install Instructions: ----------------------------- None. README -- Last modified date: Friday, March 30, 2001