Patch-ID# 103603-16 Keywords: security ftp nfs memory leak getreply domap rsh rexec in.ftpd client Synopsis: SunOS 5.5.1: ftp, in.ftpd, in.rexecd and in.rshd patch Date: Jun/25/2001 Solaris Release: 2.5.1 SunOS Release: 5.5.1 Unbundled Product: Unbundled Release: Xref: This patch available for x86 as patch 103604 Topic: SunOS 5.5.1: ftp, in.ftpd, in.rexecd and in.rshd patch Relevant Architectures: sparc BugId's fixed with this patch: 1144333 1198215 1246408 1249667 1251275 1255435 1256632 4009680 4066864 4080226 4104868 4139895 4193146 4197316 4324375 4436988 4445755 4446600 4451524 4452705 Changes incorporated in this version: 4436988 4445755 4446600 4451524 4452705 Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: 105097-03 or greater Obsoleted by: Files included with this patch: /usr/bin/ftp /usr/sbin/in.ftpd /usr/sbin/in.rexecd /usr/sbin/in.rshd Problem Description: 4436988 security: Globbing problem in in.ftpd 4446600 ftpd memory leaks 4445755 ftpd glob can still use a lot of memory and CPU 4451524 in.ftpd cores 4452705 GAVSIZ definition needs to stay in glob.c (from 103603-15) Re-build of the -14 revision to setup the dependency for patch ID # 105097-03 (or newer) (from 103603-14) 4324375 rsh to machine with two interfaces on same subnet has problems with firewall. (from 103603-13) 4139895 in.ftpd can be fooled to connect to a reserved port (from 103603-12) 4009680 ftpd security problem (from 103603-11) 4197316 buffer overflow in ftp (from 103603-10) 4193146 ftp client is too restrictive after fix for 4080226 (from 103603-09) 4080226 Security issue: security hole in mget (in ftp client) (from 103603-08) 4104868 in.ftpd consumes CPU if client end shutdown uncleanly (from 103603-07) 4066864 in.rexecd does not prevent access to expired accounts (from 103603-06) 1144333 ftp abuses malloc/free - Segmentation Fault at multiple mput (from 103603-05) 1246408 ftp may be used to get root access from port 20 to other machines (from 103603-04) 1251275 ftpd,rshd,rexecd,in.uucpd on NFS client puts user in / when homedir is mounted as a non-trusted root (from 103603-03) 1256632 ftp "nmap" function does not work (from 103603-02) 1255435 ftp dumps core if lostpeer signal handler is called right before getreply() 1249667 ftp size increases by 8k/2 page size with every open/close session memory leak (from 103603-01) 1198215 ftp can silently lose data when writing to nfs Patch Installation Instructions: -------------------------------- Refer to the Install.info file within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. Any other special or non-generic installation instructions should be described below. Special Install Instructions: ----------------------------- None. README -- Last modified date: Monday, June 25, 2001