dUNIX SSRT037901_DUNIX1032D2 SECURITY V3.2d-2/3.2e-2 ECO Summary
Copyright (c) Digital Equipment Corporation 1996. All rights reserved.
PRODUCT: DEC OSF/1 Versions 3.0, 3.0b, 3.2, 3.2b, 3.2c,
3.2d-1/3.2e-1, 3.2d-2/3.2e-2
COMPONENT: Security
SOURCE: Digital Equipment Corporation
ECO INFORMATION:
ECO Kit Name: SSRT037901_DUNIX1032D2
ECO Kits Superseded by This ECO Kit: None
ECO Kit Approximate Size: 350 Blocks
Kit Applies To: DEC OSF/1 Versions 3.0, 3.0b, 3.2, 3.2b, 3.2c,
3.2d-1/3.2e-1, 3.2d-2/3.2e-2
System/Cluster Reboot Necessary: Yes
ECO KIT SUMMARY:
An ECO kit exists for DEC OSF/1 versions 3.0, 3.0b, 3.2, 3.2b, 3.2c,
3.2d-1/3.2e-1 and 3.2d-2/3.2e-2. This kit addresses the following
problem:
o A potential security vulnerability has been identified with mountd.
This potential vulnerability may allow, under certain
circumstances an, NFS server to be spoofed.
NOTE: (1) These ECO's must be re-applied if an update or installation
is performed thru V3.2d of Digital UNIX.
(2) The solutions will be included in future releases of this
Operating System.
INSTALLATION NOTES:
This ECO is a compressed tar image and once uncompressed the following
files are available:
NOTE: If you receive this ECO on media from the Digital Software
Supply Distribution Center it will be in uncompressed format rather
than a compressed tar as indicated above.
./mountd_v30 03047 56
./mountd_v30b 03047 56
./mountd_v32 11742 56
./mountd_v32b 17708 56
./mountd_v32c 38506 56
./mountd_v32d1 48255 56
./mountd_v32d2 48255 56
A reboot is required.
Refer to the README files for additional installation details.
This patch can be found at any of these sites:
Colorado Site
Georgia Site
Files on this server are as follows:
ssrt037901_dunix1032d2.README
ssrt037901_dunix1032d2.CHKSUM
ssrt037901_dunix1032d2.CVRLET_TXT
ssrt037901_dunix1032d2.tar_z
|