**********************************************************************
DDN MGT Bulletin 57              DCA DDN Defense Communications System
24 Apr 89                        Published by: DDN Network Info Center
                                   ([email protected])  (800) 235-3155

                       DEFENSE  DATA  NETWORK
                        MANAGEMENT  BULLETIN

The DDN MANAGEMENT BULLETIN is distributed online by the DDN Network
Information Center under DCA contract as a means of communicating
official policy, procedures and other information of concern to
management personnel at DDN facilities.  Back issues may be read
through the TACNEWS server ("@n" command at the TAC) or may be
obtained by FTP (or Kermit) from the SRI-NIC host [26.0.0.73 or
10.0.0.51] using login="anonymous" and password="guest".  The pathname
for bulletins is DDN-NEWS:DDN-MGT-BULLETIN-nn.TXT (where "nn" is the
bulletin number).

**********************************************************************

          SECURITY PROBLEM IN SUN 386i SYSTEMS

APPLICABLE OPERATING SYSTEM:  SunOS 4.0.1 on Sun 386i Systems only

 PROBLEM: A serious security problem exists with the Sun 386i
          product.

  STATUS: Sun support and Sun's field offices are able to supply a new
          set of programs that will solve the problem.  We strongly recommend
          contacting Sun to prevent possible compromises of your 386i systems.

CONTACTS: Sun service hotline at 1-800-USA-4SUN.
          Your local Sun representative for site-specific information.
          CERT at (412) 268-7090  for general problem information.
          SRI/NIC at 1-800-235-3155 for general information.

 NOTE:    This bulletin represents the best information available
          at this time to fix this problem.  As with any program
          modification, CHECK WITH YOUR VENDOR BEFORE APPLYING.

 INTERIM FIX: Until you receive the new programs from Sun, we suggest
          that you change the protection of the login program in
          the following manner:

                       chmod 2750 login

          This modification will allow login to continue to work but
          removes users access to it.

 DETAILS: (from Sun).

======================================================================
        "Sun386 SunOS 4.0.1 Security Announcement"

Sun now has two binaries available through your local Answer Centers
to enhance the security of systems running Sun386 SunOS 4.0.1.
We are making these fixes available to further enhance the security
features of the Sun386i SunOS.

The bug fixes available on these tapes are described in Early Warning
Releases 10 and 11.  The bug fixes will be incorporated in future
releases of Sun386.

Customers with Sun 386i systems can obtain the above bug fixes by
calling the Sun service hotline 1-800-USA-4SUN, or their local Sun
vendor representatives.

Ask for the fix for bug reference IDs 1017464, 1015747, and 1015043
from the USAC.

Customers in Europe and Intercon should contact their local service
center or call their local Sun hotline to obtain this fix.
======================================================================

Downloaded From P-80 International Information Systems 304-744-2253

You are viewing proxied material from infinitelyremote.com. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.