Security Patches FAQ for your System: The Complete List As new systems become accessible by networks there is a need for security. Many systems are shipped by default insecure which puts the responsibility on the customers to get and apply patches. This FAQ will be a guide for the many administrators who want to secure their systems. This FAQ will be broken down into the different sections: 1) Type of Operating System and its Vulnerabilities. 2) Particular Vulnerabilities (ie. rdist and sendmail) This is an alpha version. 1) Type of Operating System and its Vulnerabilities Sun Microsystems, Inc. SunOS 4.0.3/4.1/4.1.1 Patches may be obtained via anonymous ftp from ftp.uu.net (in the sun-dist directory) or from local Sun Answer Centers worldwide. 100075-09 rpc.lockd jumbo patch 100103-11 script to change file permissions to a more secure mode 100170-09 jumbo-patch ld-1.144 shared LD_LIBRARY_PATH -Bstatic SPARCworks 100173-09 NFS Jumbo Patch 100178-07 netd "broken server detection" breaks on fast machines 100249-04 automounter jumbo patch 100272-07 dump,in.comsat,syslogd,in.talkd,shutdown,write utmp writable 100283-03 in.routed mishandles gateways, multiple routes 100296-04 netgroup exports to world 100296-04 rpc.mountd exports to the world 100305-09 lpd can be used to delete any file on the system 100305-13 lpr package 100338-05 system crashes with assertion failed panic 100342-03 NIS client needs long recovery time if server reboots 100359-06 streams jumbo patch 100377-05 Sendmail.mx doesn't recognize wildcard, forward, uid's > 32767 100377-07 sendmail + sendmail.mx 100383-05 rdist security enhancement 100383-06 rdist can be used to get root access 100421-03 rpc.rexd does not log appropriate accounting messages 100448-01 loadmodule security problem 100482-03 ypserv sends maps to anyone who guesses domainname 100482-04 ypxfrd exporting NIS maps to everybody 100507-04 tmpfs jumbo patch 100527-03 rsh uses old-style selects instead of 4.0 selects 100536-02 NFS can cause panic: assertion failed crashes 100557-02 ftp Jumbo patch 100564-03 C2 Jumbo patch 100567-03 mfree panic due to mbuf being freed twice 100593-03 dump,in.comsat,syslogd,in.talkd,shutdown,write utmp writable 100623-02 UFS jumbo patch 100909-02 dump,in.comsat,syslogd,in.talkd,shutdown,write utmp writable 101480-01 dump,in.comsat,syslogd,in.talkd,shutdown,write utmp writable 101481-01 dump,in.comsat,syslogd,in.talkd,shutdown,write utmp writable 101482-01 dump,in.comsat,syslogd,in.talkd,shutdown,write utmp writable Patch the following: Turn off IP Forwarding Turn off Source Routings Turn on NFS Priv Port Checking Remove /dev/nit 2) Particular Vulnerabilities Sendmail Patches SunOS 5.x 101077-06 SunOS 4.1.x 100377-07 Rdist Patches Apollo Domain/OS SR10.3 and SR10.3.5 (Fixed in SR10.4) a88k PD92_P0316 m68k PD92_M0384 Cray Research, Inc. UNICOS 6.0/6.E/6.1 Field Alert #132 SPR 47600 IBM RS/6000 AIX levels 3005, 2006, 2007, and 3.2 apar ix23738 Patches may be obtained by calling Customer Support at 1-800-237-5511. MIPS RISCos versions 4.50 through 4.52 (not required for 5.0) Patches are available via anonymous ftp at ftp.mips.com. The file is /pub/rdist.CERT.tar. NeXT Computer, Inc. NeXTstep Release 2.x Rdist available on the public NeXT FTP archives. Silicon Graphics IRIX 3.3.x/4.0 (fixed in 4.0.1) Patches may be obtained via anonymous ftp from sgi.com in the sgi/rdist directory. Solbourne OS/MP 4.1A Patch ID P911121003 Sun Microsystems, Inc. SunOS 4.0.3/4.1/4.1.1 Patch ID 100383-03 Copyright This paper is Copyright (c) 1994 by Christopher Klaus Permission is hereby granted to give away free copies. You may distribute, transfer, or spread this paper. You may not pretend that you wrote it. This copyright notice must be maintained in any copy made. Disclaimer The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties with regard to this information. In no event shall the author be liable for any damages whatsoever arising out of or in connection with the use or spread of this information. Any use of this information is at the user's own risk. Address of Author Please send suggestions, updates, and comments to: Christopher Klaus -- Christopher William Klaus Internet Security Systems, Inc. 2209 Summit Place Drive,Dunwoody GA 30350-2430. (404)998-5871.