Patch Name: PHNE_18667 Patch Description: s700_800 10.26 remote network commands cumulative patch Creation Date: 99/08/18 Post Date: 99/08/27 Hardware Platforms - OS Releases: s700: 10.26 s800: 10.26 Products: N/A Filesets: InternetSrvcs.INETSVCS-RUN Automatic Reboot?: No Status: General Release Critical: No Path Name: /hp-ux_patches/s700_800/10.X/PHNE_18667 Symptoms: PHNE_18667: rlogin(1) sessions are killed when still in use PHNE_17868: Port PHNE_13619 (PHNE_13619:) rlogin * rlogin does not handle LANG environment variable properly. rlogind * rlogind does not handle long hostname. remsh * ER - remsh with stderr closed returns "fd = 2". * remsh does not handle LANG environment variable properly. remshd * remshd does not update login counters properly. * PHNE_12161: remshd and rexecd patch does not work with large UID/GIDs. * rexecd does not update trusted systems DB on good logins. rcp * rcp does not clear old errno value. * SR: RCP may show file as being there even if it ran out of disk space. * rcp does not check for proper parameters. * rcp does not handle LANG environment variable properly. rdist * rdist does not check for temporary files before creating them. * rdist does not set process resources properly. * rdist does not process distfile properly. * rdist fails if subdirectory exists that matches remote hostname. (PHNE_12161:) * The lockout feature of trusted systems does not work with rexec. (PHNE_11728:) * Certain signals cause rlogin to dump core. * Change in rlogind logging. Timeout login events no longer logged. (PHNE_10638:) * rlogin dies intermittently due to signal "SIGUSR1". (PHNE_9787:) * RCP on a NFS system displays the error message rcp : can't truncate....Permission denied with NFS. (PHNE_9219:) * RDIST allows copy of certain files without the required permission. (PHNE_8889:) * remsh/rexec do not force user to change expired password if it is null. (PHNE_8807:) * Environment variable TERM overflow in rlogin. * Time stamp of rlogind's log message for login failure is set to EST/EDT. * Connection closes when any child process of rlogind receives a SIGSTOP. (PHNE_7920:) * RDIST cannot transfer files greater than 2 Giga bytes. An enhancement request exists for RDIST to be able to handle files greater than 2 Giga bytes in size. * A bug was found in RDIST which can allow an unprivileged local user to gain unauthorized access. This patch fixes the bug. (PHNE_7918:) * RCP cannot transfer files greater than 2 Giga bytes. An enhancement request exists for RCP to be able to handle files greater than 2 Giga bytes in size. (PHNE_6815:) * Changed the default pathname to include /usr/local/bin and /usr/contrib/bin as per HP-UX 9.x. Defect Description: PHNE_18667: Under certain conditions, rlogind(1M) will incorrectly close sessions Resolution: Remove offending code PHNE_17868: Port PHNE_13619 Resolution: Port PHNE_13619 SR: 0000000000 Patch Files: /usr/bin/rcp /usr/bin/rdist /usr/bin/remsh /usr/bin/rexec /usr/bin/rlogin /usr/lbin/remshd /usr/lbin/rexecd /usr/lbin/rlogind what(1) Output: /usr/lbin/rlogind: 1999/08/17 Hewlett-Packard HP-UX 10.26 TOS [ ic5cy - DAV17 ] Copyright (c) 1983, 1988 The Regents of the Universi ty of California. 99/05/24 services/INETSVCS/rlogind/rlogind.c, hpux, hpux_10.26, ic5cy Revision 1.11 PATCH_10.26 (PHNE_18667) rlogind.c $Header: rlogind.c,v 1.17.212.24 98/07/15 23:47:14 hnt Exp $ rlogind.c 5.22.1.6 (Berkeley) 2/7/89 /usr/bin/rcp: 1999/03/22 Hewlett-Packard HP-UX 10.26 TOS [ ic5bn - DAV17 ] Copyright (c) 1983 The Regents of the University of California. 99/03/11 services/INETSVCS/rcp/rcp.c, hpux, hpux_10. 26, ic5bn Revision 1.5 PATCH_10.26 (PHNE_178 68) rcp.c $Revision: 1.16.212.22 $ $Date: 98/07/15 03:47 :47 $ rcp.c 5.20 (Berkeley) 5/23/89 /usr/bin/rdist: 1999/03/22 Hewlett-Packard HP-UX 10.26 TOS [ ic5bn - DAV17 ] 99/03/09 services/INETSVCS/rdist/docmd.c, hpux, hpux _10.26, ic5bn Revision 1.3 PATCH_10.26 (PHNE _17868) 99/03/09 services/INETSVCS/rdist/expand.c, hpux, hpu x_10.26, ic5bn Revision 1.3 PATCH_10.26 (PHN E_17868) 99/03/09 services/INETSVCS/rdist/lookup.c, hpux, hpu x_10.26, ic5bn Revision 1.3 PATCH_10.26 (PHC O_17868) UNMODIFIED 99/03/09 services/INETSVCS/rdist/main.c, hpux, hpux_ 10.26, ic5bn Revision 1.3 PATCH_10.26 (PHCO_ 17868) 99/03/09 services/INETSVCS/rdist/server.c, hpux, hpu x_10.26, ic5bn Revision 1.3 PATCH_10.26 (PHN E_17868) $Revision: 1.1.212.3 Tue Mar 23 08:20:39 GMT 1999$ /usr/bin/remsh: 1999/03/22 Hewlett-Packard HP-UX 10.26 TOS [ ic5bn - DAV17 ] Copyright (c) 1983 The Regents of the University of California. 99/03/08 services/INETSVCS/remsh/remsh.c, hpux, hpux _10.26, ic5bn Revision 1.4 PATCH_10.26 (PHNE _17868) remsh.c $Revision: 1.28.212.10 $ $Date: 98/07/15 22: 31:58 $ rsh.c 5.7 (Berkeley) 9/20/88 /usr/bin/rexec: 1999/03/22 Hewlett-Packard HP-UX 10.26 TOS [ ic5bn - DAV17 ] Copyright (c) 1983 The Regents of the University of California. 99/03/08 services/INETSVCS/remsh/remsh.c, hpux, hpux _10.26, ic5bn Revision 1.4 PATCH_10.26 (PHNE _17868) remsh.c $Revision: 1.28.212.10 $ $Date: 98/07/15 22: 31:58 $ rsh.c 5.7 (Berkeley) 9/20/88 /usr/bin/rlogin: 99/03/22 lib/libc/core/gen/ctime.c, hpux, hpux_10.26 , ic5bn Revision 1.2 PATCH_10.26 (PHCO_17823 ) UNMODIFIED 1999/03/22 Hewlett-Packard HP-UX 10.26 TOS [ ic5bn - DAV17 ] Copyright (c) 1983 The Regents of the University of California. 99/03/05 services/INETSVCS/rlogin/rlogin.c, hpux, hp ux_10.26, ic5bn Revision 1.3 PATCH_10.26 (PH NE_17868) rlogin.c $Revision: 1.35.212.10 $ $Date: 98/07/15 23 :33:25 $ 99/03/22 lib/libsecurity/mandlib.c, hpux, hpux_10.26 , ic5bn Revision 1.5 PATCH_10.26 (PHCO_17760 ) $ ic5ae_DAV17 lib/libc/archive_pa1/libc.a_01 Mar 22 1999 21:35:10 /usr/lbin/remshd: 1999/03/22 Hewlett-Packard HP-UX 10.26 TOS [ ic5bn - DAV17 ] Copyright (c) 1983, 1988 The Regents of the Universi ty of California. 99/03/08 services/INETSVCS/remshd/remshd.c, hpux, hp ux_10.26, ic5bn Revision 1.4 PATCH_10.26 (PH NE_17868) rshd.c 5.17.1.2 (Berkeley) 2/7/89 remshd.c $Revision: 1.34.212.11 $ /usr/lbin/rexecd: 1999/03/22 Hewlett-Packard HP-UX 10.26 TOS [ ic5bn - DAV17 ] Copyright (c) 1983, 1988 The Regents of the Universi ty of California. 99/03/08 services/INETSVCS/remshd/remshd.c, hpux, hp ux_10.26, ic5bn Revision 1.4 PATCH_10.26 (PH NE_17868) rexecd.c 5.7 (Berkeley) 1/4/89 rexecd.c $Revision: 1.34.212.11 $ cksum(1) Output: 3928562377 32768 /usr/lbin/rlogind 179930059 40960 /usr/bin/rcp 1306054232 73728 /usr/bin/rdist 3369739077 20480 /usr/bin/remsh 3369739077 20480 /usr/bin/rexec 1506643948 458752 /usr/bin/rlogin 2050534867 20480 /usr/lbin/remshd 4203883684 20480 /usr/lbin/rexecd Patch Conflicts: None Patch Dependencies: None Hardware Dependencies: None Other Dependencies: None Supersedes: PHNE_17868 Equivalent Patches: None Patch Package Size: 740 KBytes Installation Instructions: Please review all instructions and the Hewlett-Packard SupportLine User Guide or your Hewlett-Packard support terms and conditions for precautions, scope of license, restrictions, and, limitation of liability and warranties, before installing this patch. ------------------------------------------------------------ 1. Back up your system before installing a patch. 2. Login as root. 3. Copy the patch to the /tmp directory. 4. Move to the /tmp directory and unshar the patch: cd /tmp sh PHNE_18667 5a. For a standalone system, run swinstall to install the patch: swinstall -x autoreboot=true -x match_target=true \ -s /tmp/PHNE_18667.depot By default swinstall will archive the original software in /var/adm/sw/patch/PHNE_18667. If you do not wish to retain a copy of the original software, you can create an empty file named /var/adm/sw/patch/PATCH_NOSAVE. WARNING: If this file exists when a patch is installed, the patch cannot be deinstalled. Please be careful when using this feature. It is recommended that you move the PHNE_18667.text file to /var/adm/sw/patch for future reference. To put this patch on a magnetic tape and install from the tape drive, use the command: dd if=/tmp/PHNE_18667.depot of=/dev/rmt/0m bs=2k Special Installation Instructions: None