Original issue date: February 14, 1994<BR>
Last revised: September 19, 1997<BR>
Attached copyright statement

<P>A complete revision history is at the end of this file.

<BR>
<BLOCKQUOTE>
<H4>THIS IS A REVISED CERT ADVISORY<BR>
 IT CONTAINS NEW VULNERABILITY AND PATCH INFORMATION<BR>
 SUPERSEDES CERT ADVISORY CA-91.09 and CA-92.12 </H4></BLOCKQUOTE>

<P>The CERT Coordination Center has received information concerning a
vulnerability in /usr/etc/rpc.mountd in Sun Microsystems, Inc. SunOS
4.1.1, 4.1.2, 4.1.3, and 4.1.3c.  SunOS 4.1.3.u.1, Solaris 2.x, and
Solbourne's 4.1B and 4.1C are not vulnerable.

<P>Sun has produced a patch for this vulnerability for sun3 and sun4
architectures.  It is available through your local Sun Answer Center
as well as through anonymous FTP from the ftp.uu.net system in the
/systems/sun/sun-dist directory or from the ftp.eu.net system in the
/sun/fixes directory.

<P>This vulnerability is currently being exploited.  Please review 
<A HREF="http://www.cert.org/advisories/CA-94.01.ongoing.network.monitoring.attacks.html">CERT
Advisory CA-94.01 Ongoing Network Monitoring Attacks</A>.

<P><HR>
<H2>I. Description</H2>

If an access list of hosts within /etc/exports is a string
over 256 characters, or if the cached list of netgroups exceeds
the cache capacity, then the file system can be mounted by anyone.
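<P>The following audit script is an added example, not part of the original
advisory or of Sun's patch. It reports exports entries whose host lists are over 256
characters, which is the first condition described above. It does not cover the netgroup
cache condition. Assumptions: entries have the form <CODE>directory -option,option</CODE>,
the length is measured on each <CODE>name=list</CODE> option value, a trailing backslash
continues an entry, and the function names and sample hosts are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the advisory): audit a SunOS 4.x style exports file
# for host lists longer than the 256-character limit named in section I.
LIMIT=256

# audit_exports FILE: print "directory option length" for each list over LIMIT.
audit_exports() {
    awk -v limit="$LIMIT" '
    function check(entry,    f, n, opts, m, i, eq, val) {
        sub(/#.*/, "", entry)              # drop comments
        sub(/^[ \t]+/, "", entry)          # drop leading whitespace
        n = split(entry, f, /[ \t]+/)
        if (n < 2 || f[2] !~ /^-/) return  # no option field to measure
        m = split(substr(f[2], 2), opts, ",")
        for (i = 1; i <= m; i++) {
            eq = index(opts[i], "=")
            if (eq == 0) continue          # flag-only option such as ro
            val = substr(opts[i], eq + 1)
            if (length(val) > limit)
                print f[1], substr(opts[i], 1, eq - 1), length(val)
        }
    }
    # Assumption: a trailing backslash continues the entry on the next line.
    { line = pending $0; pending = "" }
    /\\$/ { sub(/\\$/, "", line); pending = line; next }
    { check(line) }
    END { if (pending != "") check(pending) }
    ' "$1"
}

# write_sample FILE: constructed test data, one short list and one long list.
write_sample() {
    awk 'BEGIN {
        printf "# constructed sample, not a real configuration\n"
        printf "/export/home -access=host01.example.com:host02.example.com\n"
        printf "/export/src -ro,access="
        for (i = 1; i <= 20; i++)
            printf "%shost%02d.example.com", (i > 1 ? ":" : ""), i
        printf "\n"
    }' > "$1"
}

# With an argument, audit that file; with none, audit the constructed sample.
if [ $# -gt 0 ]; then
    audit_exports "$1"
else
    tmp=$(mktemp) && write_sample "$tmp" && audit_exports "$tmp"; rm -f "$tmp"
fi
```

<P>Any line of output names a directory whose list should be shortened or split until the patch is installed.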

<H2>II. Impact</H2>


Unauthorized remote hosts will be able to mount the file system.
This will allow unauthorized users read and write access to files
on mounted file systems.

<H2>III. Solution</H2>


Obtain and install the appropriate patch following the instructions
included with the patch.

<P>Patches are available from:

<P>
<A HREF="ftp://ftp.uu.net/systems/sun/sun-dist/patches/">ftp://ftp.uu.net/systems/sun/sun-dist/patches/</A>

<P>
<A HREF="ftp://ftp.eu.net/sun/fixes/">ftp://ftp.eu.net/sun/fixes/</A>

<P>There is a README file and directory layout to help identify which
binaries are appropriate for which architectures.
<PRE>
Patch-ID   Filename         BSD          MD5
                            Checksum     Checksum
100296-04  100296-04.tar.Z  15271    40  4e1354ecb7fb9c7e962d7020f31f07bf

</PRE>

<P>Copyright 1994, 1995, 1996 Carnegie Mellon University.</P>

<HR>

Revision History
<PRE>
Sept. 19, 1997 Attached copyright statement
Aug. 30, 1996  Information previously in the README was inserted
               into the advisory. Updated URL format.
June 09, 1995  Solution - recommended source to use for patches if the
               checksums didn't match
Apr. 20, 1994  Solution - noted that Sun ensured that the same versions of
               patches were available at all locations and provided files to
               help determine which architectures require the patch.
</PRE>