Patch-ID# 102932-05 Keywords: security statd dies Synopsis: SunOS 5.3: statd fixes Date: Jun/01/99 Solaris Release: 2.3 SunOS release: 5.3 Unbundled Product: Unbundled Release: Topic: SunOS 5.3: statd fixes BugId's fixed with this patch: 1218695 1243416 4034187 4159085 Changes incorporated in this version: 4159085 Relevant Architectures: sparc Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: 101318-92 Obsoleted by: Files included with this patch: /usr/lib/nfs/statd Problem Description: 4159085 statd allows indirect RPC calls (from 102932-04) 4159085 statd allows indirect RPC calls (from 102932-03) 4034187 buffer overflow in statd allows root attack (from 102932-02) 1243416 statd security problem (from 102932-01) 1218695 statd dies intermittently - suspect same problem as 1151643 Patch Installation Instructions: -------------------------------- Refer to the Install.info file within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. Any other special or non-generic installation instructions should be described below. Special Install Instructions: ----------------------------- For 2.3-2.5.1, there is a one-way dependency for this fix on automountd fix 4028300 (patch 101318-92) That is, the fix for 4028300 (patch 101318-92) must be installed for this security fix (4159085) to work correctly.