COMMAND

    passwd

SYSTEMS AFFECTED

    Solaris 2.6, 2.6_x86, 2.5.1, 2.5.1_x86, 2.5, 2.5_x86, 2.4, 2.4_x86 and 2.3

PROBLEM

    Following is  based on  Sun Microsystems  Security Bulletin.   The
    passwd  command  changes  passwords  and  password  attributes.  A
    vulnerability  has  been  discovered  in  the passwd utility which
    could be exploited to create a denial of service.

SOLUTION

    Sun recommends that you install the respective patches immediately
    on affected systems:

        Operating System    Patch ID
        ----------------    ---------
        Solaris 2.6         106271-04
        Solaris 2.6_x86     106272-04
        Solaris 2.5.1       104433-09
        Solaris 2.5.1_x86   104434-08
        Solaris 2.5         103178-09
        Solaris 2.5_x86     103179-09
        Solaris 2.4         101945-60
        Solaris 2.4_x86     101946-53
        Solaris 2.3         101318-91