Copy Link
Add to Bookmark
Report
Modernz 66b
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
/* *\
/ * * \
/ * * \
/ * * \
/ * System Vulnerabilities * \
| * * |
| * * |
| * * |
| * Another Modernz Presentation * |
| * * |
\ * by * /
\ * Multiphage * /
\ * * /
\ * written on 12-15-92 * /
\ * */
*******************************************************************************
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
*******************************************************************************
The Modernz can be contacted at:
MATRIX BBS
WOK-NOW!
World of Kaos NOW!
World of Knowledge NOW!
St. Dismis Institute
- Sysops: Wintermute
Digital-demon
(908) 905-6691
(908) WOK-NOW!
(908) 458-xxxx
1200/2400/4800/9600
14400/19200/38400
Home of Modernz Text Philez
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><
<*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*>
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
TANSTAAFL
Pheonix Modernz
The Church of Rodney
- Sysop: Tal Meta
(908) 830-TANJ
(908) 830-8265
Home of TANJ Text Philez
<*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*>
CyberChat
Sysop: Hegz
(908)506-6651
(908)506-7637
300/1200/2400/4800/9600
14400/19200/38400
Modernz Site
TLS HQ
<><><><><><><><><><><><><><<><<><><><><><><><><><><><><><><><><><><><><><><><><
The Last Outpost
PowerBBS Support Board
UASI ALPHA Division
NorthWestern PA UASI site!
(412) 662-0769 300/1200/2400
24 hours! SysOp: The Almighty Kilroy
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><
BlitzKreig BBS
Home of TAP
(502)499-8933
<*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*><*>
===========================================================================
Revised Patch for SunOS /usr/etc/rpc.mountd Vulnerability
---------------------------------------------------------------------------
Information concerning the availability of a revised security
patch for /usr/etc/rpc.mountd in Sun Microsystems Computer Corporation
operating systems.
Sun has provided patches for SunOS 4.1, SunOS 4.1_PSR_A, SunOS 4.1.1,
and SunOS 4.1.2. These patches are available through your local Sun
Answer Center as well as through anonymous ftp from ftp.uu.net (137.39.1.9)
in the /systems/sun/sun-dist directory.
Patch ID and file information are as follows:
Fix Patch ID Filename Checksum
/usr/etc/rpc.mountd 100296-02 100296-02.tar.Z 30606 23
---------------------------------------------------------------------------
I. Description
Under certain conditions an exported NFS filesystem can be
mounted by any system on the Internet even though it may appear
that access to the filesystem is restricted to specific hosts.
II. Impact
Unauthorized remote hosts will be able to mount the exported filesystem.
III. Solution
As root:
1. Move the existing rpc.mountd aside and change the permissions.
# mv /usr/etc/rpc.mountd /usr/etc/rpc.mountd.OLD
# chmod 400 /usr/etc/rpc.mountd.OLD
2. Install the new version
# cp `arch`/rpc.mountd /usr/etc
# chown root.staff /usr/etc/rpc.mountd
# chmod 755 /usr/etc/rpc.mountd
3. Kill the currently running rpc.mountd and restart it, or
reboot the system. In either case, systems with filesystems
mounted from this host will have interruptions in service.
---------------------------------------------------------------------------
===========================================================================
SunOS NIS Vulnerability
---------------------------------------------------------------------------
Information concerning several vulnerabilities with NIS under Sun
Microsystems, Inc. SunOS. These vulnerabilities exist in NIS under
SunOS 4.1, 4.1.1, and 4.1.2, and may or may not exist in earlier versions
of NIS.
Sun has provided fixes for SunOS 4.1, 4.1.1, and 4.1.2 for these
vulnerabilities. The patch file containing these fixes is available
through your local Sun Answer Center and through anonymous ftp from
ftp.uu.net (137.39.1.9) in the /systems/sun/sun-dist directory. Note
that these fixes will probably not be compatible with SunOS 4.0.3 and
earlier versions of the operating system.
Fix PatchID Filename Checksum
/usr/etc/{ypserv,ypxfrd,portmap} 100482-2 100482-02.tar.Z 53416 284
Please note that Sun will occasionally update patch files. If you
find that the checksum is different, please contact Sun or the CERT/CC
for verification.
---------------------------------------------------------------------------
I. Description
A security vulnerability exists under NIS allowing unauthorized access
to NIS information.
II. Impact
A user on a remote host can obtain copies of the NIS maps from a
system running NIS. The remote user can attempt to guess passwords
for the system using the obtained NIS password map information.
III. Solution
A. Obtain and install the patch from Sun or from ftp.uu.net following
the instructions provided in the "README" file.
1. As root, rename the existing versions of
/usr/etc/{ypserv,ypxfrd,portmap} and modify the
permissions to prevent misuse.
# mv /usr/etc/ypserv /usr/etc/ypserv.orig
# mv /usr/etc/ypxfrd /usr/etc/ypxfrd.orig
# mv /usr/etc/portmap /usr/etc/portmap.orig
# chmod 0400 /usr/etc/ypserv.orig
# chmod 0400 /usr/etc/ypxfrd.orig
# chmod 0400 /usr/etc/portmap.orig
2. Copy the new binaries into the /usr/etc directory.
# cp `arch`/{4.1, 4.1.1, 4.1.2}/ypserv /usr/etc/ypserv
# cp `arch`/{4.1, 4.1.1, 4.1.2}/ypxfrd /usr/etc/ypxfrd
# cp `arch`/{4.1, 4.1.1, 4.1.2}/portmap /usr/etc/portmap
# chown root /usr/etc/ypserv /usr/etc/ypxfrd /usr/etc/portmap
# chmod 755 /usr/etc/ypserv /usr/etc/ypxfrd /usr/etc/portmap
3. Copy the securenets file to the /var/yp directory. Any
site that has an existing /var/yp/securenets file should
rename it prior copying the new version of the file.
# cp `arch`/{4.1, 4.1.1, 4.1.2}/securenets /var/yp
# chown root /var/yp/securenets
# chmod 644 /var/yp/securenets
4. Edit the /var/yp/securenets file to reflect the correct
configuration for your site. See the "README" file for
details of the file syntax and special instructions for
hosts with multiple Ethernet interfaces. The file should
not contain any blank lines.
5. Reboot the system to invoke the new binaries.
