SUN MICROSYSTEMS SECURITY BULLETIN: #00110

 This information is only to be used for the purpose of alerting
customers to problems. Any other use or re-broadcast of this 
information without the express written consent of Sun Microsystems
shall be prohibited.

Sun expressly disclaims all liability for any misuse of this information
by any third party.
---------------------------------------------------------------------------


   All patches listed are available through your local Sun answer centers
   worldwide as well as through anonymous ftp to ftp.uu.net.
   In the US on ~ftp/sun-dist directory and in Europe on mcsun.eu.net
   on ~ftp/sun/fixes directory.


Please refer to the BugID and PatchID when requesting patches from Sun
answer centers.

Please refer to the information below for additional information.
--------------------------------------------------------------------------

Sun Bug ID  : 1069497
Synopsis    : a bug exists in SunOS 4.0.3, 4.1 and 4.1.1 in the rdist(1)
              command which allows users to gain unauthorized root access. 
Sun Patch ID: 100383-02
Checksum of compressed tarfile 1001383-02.tar.Z on uunet.uu.net = 57614   323

If you do not use rdist at this time it is advisable to reset the permissions
to 0100 for /usr/ucb/rdist. It is also advisable to get the latest version
via uunet.uu.net or through your local Sun answer center, in the event of
future need of the rdist command. Please refer to the README of patch 100383-02 
for additional details.

Brad Powell
Sun Microsystems 
Software Security Coordinator.