Patch-ID# 105153-03
Keywords: security y2000 passwd yppasswd
Synopsis: SunOS 4.1.3_U1: passwd command Year 2000 and security fixes
Date: Dec/03/99

Solaris Release: 1.1.1

SunOS Release: 4.1.3_U1

Unbundled Product: 

Unbundled Release: 

Relevant Architectures: sun4(all)

BugId's fixed with this patch: 4035308 1169007 4155587

Changes incorporated in this version: 4155587

Patches accumulated and obsoleted by this patch: 102060-01

Patches which conflict with this patch: 

Patches required with this patch: 

Obsoleted by: 

Files included with this patch: passwd

Problem Description: 

4155587 SunOS 4.1.x getpublickey() buffer overflow problem       

4035308 passwd command displays Year 2000 incorrectly

1169007: Security: Root access possible on SunOS 4.1.x via forced passwd
         race condition.

        
Patch Installation Instructions: 

1) As root, save copies of the original passwd and yppasswd files:
   cp /usr/bin/passwd /usr/bin/passwd.FCS
   chmod 400 /usr/bin/passwd.FCS
   cp /usr/bin/yppasswd /usr/bin/yppasswd.FCS
   chmod 400 /usr/bin/yppasswd.FCS

   
2) Copy the new passwd command from the patch directory:
   cp passwd /usr/bin
   cp passwd /usr/bin/yppasswd
   
3) chmod 4755 /usr/bin/passwd
   chown root.staff /usr/bin/passwd
   chmod 4755 /usr/bin/yppasswd
   chown root.staff /usr/bin/yppasswd
