Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Exploit of rpc.cmsd
From: casper () HOLLAND SUN COM (Casper Dik)
Date: Thu, 15 Jul 1999 23:58:04 +0200

(What about Solaris 2.4?)

Both CDE 1.0.1/1.0.2  (which have seperate rpc.cmsd binaries; these
were merged in later releases) and Solaris 2.4 patches will be released
at a later date.

Be aware that when these patches[*] are applied, the existing rpc.cmsd
process (if one exists) seems to be killed in a *prepatch* script--that
is, *before* the programs are updated.

Thanks for noticing this; I've notified the persons responsible for
this patch; it will be addressed in a future release.

I couldn't begin to speculate about why Sun didn't make this a postpatch
script rather than a prepatch script.

Neither could I; it's a mistake.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]