Rapid7 Vulnerability & Exploit Database

Sun Patch: Solstice AdminSuite 3.0.1_x86: NIS+ compat passwd autohome rights

Back to Search

Sun Patch: Solstice AdminSuite 3.0.1_x86: NIS+ compat passwd autohome rights

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
05/08/2003
Created
07/25/2018
Added
05/03/2006
Modified
01/30/2015

Description

From Sun Patch 109414-09

Sun has released a security patch addressing the following issues:

4756006 3.0.1 adminsuite can't manage nis domain from virtual interface as root
 
 
(from 109414-08)
 
4517531 User's rights change with AdminSuite 3.0.1 doesn't work properly
 
 
(from 109414-07)
 
4470402 Added rights cannot be removed (AdminSuite 3.0.1, Solaris 8 1/01, 4/01)
 
 
(from 109414-06)
 
4431256 change user's password and the the shell change
 
 
(from 109414-05)
 
4428879 adminsuite 3.0 and 3.0.1 will not allow users home directory to be created
4432176 AdminSuite 3.0.1 problems with NIS+ passwd entries
 
 
(from 109414-04)
 
4410452 Current patches for Adminsuite 3.0 and 3.0.1 don't restart the server on install
 
 
(from 109414-03)
 
4318890 possible problem with  passwd min/max varibles in correct field
 
 
(from 109414-02)
 
4372914 AdminSuite 3/NIS+: change shell or GECOS fields mangles entry in passwd.org_dir
4341813 AdminSuite 3.0 sets wrong homedirectory using usrmgr in NIS-Environment
 
 
(from 109414-01)
 
4305942 admsvr3_0 fails to start with 'compat' in nsswitch.conf
	This patch fixes the admsvr3_0 start failures, but when the
	compat option is used in /etc/nsswitch.conf, a subset of the
	complete functionality of the normal compat option will be used
	when searching for user authorizations.
 
	A table of authorization search orders based on the configuration
	of /etc/nsswitch.conf and /etc/passwd follows:
 
	/etc/passwd ends in +   passwd_compat:        search order
	yes                     none                  files nis
	yes                     nis                   files nis
	yes                     nisplus               files nisplus
	no                      any                   files
 
	For example, if the compat option is used, and the /etc/passwd
	file ends with a +, and there is no passwd_compat target in the
	nsswitch.conf, then the search order for authorizations will be
	first all of /etc/passwd, then all of the NIS passwd map.
 
	Other special compat mode syntax, such as +-user or +-netgroup,
	is NOT supported.  In order to eliminate any confusion in assigning
	authorizations, it is highly recommended that all administrative
	users not be users who go through any of the unsupported compat
	switch syntax when logging in.

Solution(s)

  • sunpatch-solaris-109414

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;