Patch-ID# 103582-16 Keywords: security telnet ftp single tcp NDD tcp_bind web RTO FIN ack TLI Synopsis: SunOS 5.5.1: /kernel/drv/tcp and /usr/bin/netstat patch Date: May/22/98 Solaris Release: 2.5.1 SunOS Release: 5.5.1 Unbundled Product: Unbundled Release: Xref: This patch available for x86 as patch 103581 Xref: This patch available for PPC as patch 103583 Topic: SunOS 5.5.1: /kernel/drv/tcp and /usr/bin/netstat patch NOTE: We recommend installing the following patches to get the complete support for large IP addresses: 103594-10 (or newer) usr/lib/sendmail fixes 104331-03 (or newer) usr/sbin/rpcbind patch 104956-01 (or newer) usr/sbin/in.rarpd patch 104958-01 (or newer) usr/sbin/in.rdisc patch 104960-01 (or newer) usr/sbin/snoop patch BugId's fixed with this patch: 1182957 1206850 1233827 1248840 1249829 1250411 1259524 1261245 4005586 4011648 4015495 4017242 4022642 4034353 4034355 4043513 4052115 4069902 4089811 Changes incorporated in this version: 4089811 Relevant Architectures: sparc Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: iss_sparc-01 (or newer) Patches required with this patch: 103630-08 (or newer) Obsoleted by: Files included with this patch: /kernel/drv/tcp /usr/bin/netstat Problem Description: 4089811 bugfix 1182957 causes Sybase server to hang (from 103582-15) 4069902 TCP in 2.5.1 should have similar slow start mechanism as in 2.6 (from 103582-14) This revision is generated to establish a dependency on the ip patch (103630-08 or newer). (from 103582-13) 4005586 netstat locks up TCP for too long due to inefficient code (from 103582-12) 4052115 putback of 1182957 broke an earlier fix 4043513 TCP Simultaneous Open feature does not work (from 103582-11) 1182957 SYNs can be sinful The bug that this patch addresses causes the system to become unusable to certain ports that come under SYN attack. During the SYN attack the attacker fills up the listen queue of the application, due to which additional incoming connections on the same port are dropped. By carefully timing these bogus SYNs an attacker can block out all legitimate incoming connections. (from 103582-10) 4034355 Solaris ignores KEEPALIVE probes without data 4034353 TCP/IP sometimes forgets PSH after sending URG. (from 103582-09) 1250411 rcp receives "random" connection reset by peer (from 103582-08) 4017242 PDB-System crash with BAD TRAP (from 103582-07) 4015495 connect deadlock when ephemeral port is same as dest port (from 103582-06) 4022642 TLI application causes Data Fault system panics (from 103582-05) 4011648 Fix for bug 1248840 introduces performance degradation in rsh (from 103582-04) 1259524 deadbeef panic in tcp_xmit_mp() (from 103582-03) 1261245 window probes can cause ack wars (from 103582-02) 1248840 TCP socket can't handle FIN pkt from client surely (deadlock) Fixed code to avoid system panic due to deallocated tcp structure. (from 103582-01) 1249829 connection times out if remote only sends zero-windows A connection that sends a zero window for more than tcp_ip_abort_interval interval will have the connection terminated. 1248840 TCP socket can't handle FIN pkt from client surely (deadlock) 1233827 tcp retransmits too much for short connections as seen at web sites 1206850 Solaris 2.4, telnet/ftp error in single user mode. Patch Installation Instructions: -------------------------------- Refer to the Install.info file within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. Any other special or non-generic installation instructions should be described below. Special Install Instructions: ----------------------------- If the reason to install this patch is to fix bugid 1233827 (tcp retransmits too much for short connections as seen at web sites), the 2.5.1 ip patch (103630-01 or newer) is also required. NOTE: We recommend installing the following patches to get the complete support for large IP addresses: 103594-10 (or newer) usr/lib/sendmail fixes 104331-03 (or newer) usr/sbin/rpcbind patch 104956-01 (or newer) usr/sbin/in.rarpd patch 104958-01 (or newer) usr/sbin/in.rdisc patch 104960-01 (or newer) usr/sbin/snoop patch