________________________________________________________________ THE COMPUTER INCIDENT ADVISORY CAPABILITY CIAC ADVISORY NOTICE ________________________________________________________________ Notice of Availability of Patch for rwalld/wall Nearly one month ago, you received a bulletin from the Center for Computer Security in Los Alamos, in which you were informed of two security holes in the UNIX operating system. These holes are in tftp and rwalld. The Computer Incident Advisory Capability (CIAC) at LLNL has been advised that Sun Microsystems has a patch available for rwalld/wall. You must obtain this patch directly from Sun. To obtain this patch, call Trevor Goldfisher at Sun Microsystems, (415) 336-4971, or send email to trevorg@sun.COM Sun is continuing to work on the tftp hole. However, patching rwalld/wall substantially reduces the potential to exploit the tftp hole. All operations offices were notified of the availability of this security patch two weeks ago. Not every CPPM has been contacted, however, so I am sending this notice to every CPPM. Please ignore this notice if you have already been contacted by your operations office. Gene Schultz CIAC Team Leader (415) 422-8193 or FTS 532-8193 gschultz%nsspa@icdc.llnl.gov