Patch-ID# 101736-04 Keywords: security getservbyname gethostbyaddr NIS_PATH nisplus link getservent Synopsis: SunOS 5.3: nisplus patch Date: Jul/18/97 Solaris Release: 2.3 SunOS Release: 5.3 Unbundled Product: Unbundled Release: Topic: SunOS 5.3: nisplus patch BugId's fixed with this patch: 1141304 1161361 1164298 1164301 1223320 Changes incorporated in this version: 1223320 Relevant Architectures: sparc Patches accumulated and obsoleted by this patch: Patches which conflict with this patch: Patches required with this patch: Obsoleted by: Files included with this patch: usr/lib/nss_nisplus.so.1 Problem Description: 1223320 nisplus client code doesn't do proper bounds checking. (from 101736-03) 1161361 su(1M) should not require a world readable NIS+ passwd table (from 101736-02) 1164298 getservent does not follow nisplus links to higher level domains (from 101736-01) 1164301 getservbyname works incorrectly when searching using nisplus 1141304 gethostbyaddr ignores the "NIS_PATH" 1164301 getservbyname works incorrectly when searching using nisplus When the NIS+ services table contains entries with the same name, different protocols, and different port numbers, lookups of that service via the switch NIS+ backend would sometimes return the port number corresponding to the wrong protocol. 1141304 gethostbyaddr ignores the "NIS_PATH" Host address lookups using the switch NIS+ backend did not apply NIS+ name expansion or use the NIS_PATH environment variable. This resulted in behavior inconsistent with that of host name lookups. Patch Installation Instructions: -------------------------------- Refer to the Install.info file within the patch for instructions on using the generic 'installpatch' and 'backoutpatch' scripts provided with each patch. Any other special or non-generic installation instructions should be described below. Special Install Instructions: ----------------------------- None.