Bugtraq mailing list archives

Re: CERT Advisory CA-2001-34 Buffer Overflow in System V Derived Login

From: Scott Howard <scott () doc net au>
Date: Sat, 15 Dec 2001 06:33:14 +1100

On Wed, Dec 12, 2001 at 06:12:36PM -0500, CERT Advisory wrote:

Sun Microsystems

   Sun  has  developed  a  fix  and  T-patches are being tested. Official
   patches  will  be  released  shortly and Sun will issue a Sun Security
   Bulletin when they are available.


These patches are now available.  The relevant patch numbers are :

    111085-02 SunOS 5.8: /usr/bin/login patch
    111086-02 SunOS 5.8_x86: /usr/bin/login patch
    112300-01 SunOS 5.7:: usr/bin/login Patch
    112301-01 SunOS 5.7_x86:: usr/bin/login Patch
    105665-04 SunOS 5.6: /usr/bin/login patch
    105666-04 SunOS 5.6_x86: /usr/bin/login patch
    106160-02 SunOS 5.5.1: /usr/bin/login patch
    106161-02 SunOS 5.5.1_x86: /usr/bin/login patch

At this stage these no not appear to be free patches (ie, you need a contract
to get to them), although I expect this will change.

  Scott

Current thread:

CERT Advisory CA-2001-34 Buffer Overflow in System V Derived Login CERT Advisory (Dec 12)
- Re: CERT Advisory CA-2001-34 Buffer Overflow in System V Derived Login Florian Weimer (Dec 13)
- Re: CERT Advisory CA-2001-34 Buffer Overflow in System V Derived Login Scott Howard (Dec 14)
  - Re: CERT Advisory CA-2001-34 Buffer Overflow in System V Derived Login Bill Clawson (Dec 15)
- <Possible follow-ups>
- Re: CERT Advisory CA-2001-34 Buffer Overflow in System V Derived Login Derrick Scholl (Dec 14)