OBSOLETE Patch-ID# 104166-04
Keywords: security statd NUM_PROC_FDS buffer overflow root automountd daemon
Synopsis: Obsoleted by: 104166-05 SunOS 5.5.1: /usr/lib/nfs/statd patch
Date: Jun/01/1999

Solaris Release: 2.5.1

SunOS Release: 5.5.1

Unbundled Product: 

Unbundled Release: 

Xref: This patch available for x86 as patch 104167

Topic: SunOS 5.5.1: /usr/lib/nfs/statd patch

Relevant Architectures: sparc

BugId's fixed with this patch: 1196526 1255547 4034187 4159085

Changes incorporated in this version: 4159085

Patches accumulated and obsoleted by this patch: 

Patches which conflict with this patch: 

Patches required with this patch: 104654-05 or greater

Obsoleted by: 

Files included with this patch: 

/usr/lib/nfs/statd

Problem Description:

4159085 statd allows indirect RPC calls
(from 104166-03)
1255547 lock manager can consume much kernel memory waiting for statd
(from 104166-02)
4034187 buffer overflow in statd allows root attack
(from 104166-01)
1196526 statd/rpc.c''s definition of NUM_PROC_FDS is too small, it can 
        cause create to fail

Patch Installation Instructions:
-------------------------------- 
Refer to the Install.info file within the patch for instructions on
using the generic ''installpatch'' and ''backoutpatch'' scripts provided
with each patch.  Any other special or non-generic installation
instructions should be described below.

Special Install Instructions:
-----------------------------
None.

README -- Last modified date:  Friday, June 1, 2001