Rapid7 Vulnerability & Exploit Database

Sun Patch: Solstice AdminSuite 3.0.1_x86: Auditing compat mode passwd autohom

Back to Search

Sun Patch: Solstice AdminSuite 3.0.1_x86: Auditing compat mode passwd autohom



From Sun Patch 108881-11

Sun has released a security patch addressing the following issues:

4756006 3.0.1 adminsuite cant manage nis domain from virtual interface as root
(from 108881-10)
4517531 User's rights change with AdminSuite 3.0.1 doesn't work properly
(from 108881-09)
4518356 Adminsuite 3.0.1 reverses NIS+ host table information (name/cname)
(from 108881-08)
4470402 Added rights cannot be removed (AdminSuite 3.0.1, Solaris 8 1/01, 4/01)
(from 108881-07)
4431256 change user's password and the the shell change
(from 108881-06)
4428879 adminsuite 3.0 and 3.0.1 will not allow users home directory to be created
4432176 AdminSuite 3.0.1 problems with NIS+ passwd entries
(from 108881-05)
4410452 Current patches for Adminsuite 3.0 and 3.0.1 don't restart the server on install
(from 108881-04)
4318890 possible problem with  passwd min/max varibles in correct field
(from 108881-03)
4372914 AdminSuite 3/NIS+: change shell or GECOS fields mangles entry in passwd.org_dir
4341813 AdminSuite 3.0 sets wrong homedirectory using usrmgr in NIS-Environment
(from 108881-02)
4322070 The AdminSuite server must audit login attempts.
4305942 admsvr3_0 fails to start with 'compat' in nsswitch.conf
	This patch fixes the admsvr3_0 start failures, but when the
	compat option is used in /etc/nsswitch.conf, a subset of the
	complete functionality of the normal compat option will be used
	when searching for user authorizations.
	A table of authorization search orders based on the configuration
	of /etc/nsswitch.conf and /etc/passwd follows:
	/etc/passwd ends in +   passwd_compat:        search order
	yes                     none                  files nis
	yes                     nis                   files nis
	yes                     nisplus               files nisplus
	no                      any                   files
	For example, if the compat option is used, and the /etc/passwd
	file ends with a +, and there is no passwd_compat target in the
	nsswitch.conf, then the search order for authorizations will be
	first all of /etc/passwd, then all of the NIS passwd map.
	Other special compat mode syntax, such as +-user or +-netgroup,
	is NOT supported.  In order to eliminate any confusion in assigning
	authorizations, it is highly recommended that all administrative
	users not be users who go through any of the unsupported compat
	switch syntax when logging in.
(from 108881-01)
4308991 BSM Auditing not working correctly for users, groups and mounts


  • sunpatch-solaris-108881

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center