Search:

September 2007

3400 - Hewlett Packard Advisories

ID: 3400
Date: 21 September 2007 12:59

Title: 3400 - Hewlett Packard Advisories
Abstract: Release of several Hewlett Packard security advisories.
Vendors affected:Hewlett Packard
Applications affected:HP System Management Homepage (SMH) for Windows, HP-UX Running Firefox, HP-UX Running logins(1M), HP-UX Running BIND, HP-UX Running the Ignite-UX or the DynRootDisk (DRD) get_system_info Command
Availability of fix: Available
Type of fix: Patch
Source: Hewlett Packard
Reliability of source: Trusted

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c01164065
Version: 1

HPSBMA02258 SSRT071470 rev.1 - HP System Management Homepage (SMH) for Windows, Incomplete Update Installation

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2007-09-10
Last Updated: 2007-09-12

Potential Security Impact: Incomplete update installation

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
A potential security vulnerability has been identified with HP System Management Homepage (SMH) for Windows on systems which are also running HP Version Control Agent (VCA) or Version Control Repository Manager (VCRM). The vulnerability may result in the incomplete installation of OpenSSL updates, including security updates.

References: none

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP System Management Homepage (SMH) on Windows systems which are also running HP Version Control Agent (VCA) or Version Control Repository Manager (VCRM)

BACKGROUND

Updates to HP System Management Homepage (SMH) on Windows systems which are also running HP Version Control Agent (VCA) or Version Control Repository Manager (VCRM) may leave the previous OpenSSL software active in memory until the system is rebooted.

RESOLUTION
To avoid leaving potentially vulnerable OpenSSL software active in memory, always reboot a Windows system running SMH and VCA or VCRM immediately after installing an update to SMH.

PRODUCT SPECIFIC INFORMATION

HISTORY:
Version:1 (rev.1) - 12 September 2007 Initial Release

Third Party Security Patches: Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

Support: For further information, contact normal HP Services support channel.

Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information.
To get the security-alert PGP key, please send an e-mail message as
follows:
To: security-alert@hp.com
Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email:
http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=
USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC
On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches
-check ALL categories for which alerts are required and continue.
Under Step2: your ITRC operating systems
-verify your operating system selections are checked and save.

To update an existing subscription:
http://h30046.www3.hp.com/subSignIn.php
Log in on the web page: Subscriber's choice for Business: sign-in.
On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.

To review previously published Security Bulletins visit:
http://www.itrc.hp.com/service/cki/secBullArchive.do

* The Software Product Category that this Security Bulletin relates to
is represented by the 5th and 6th characters of the Bulletin number in
the title:

GN = HP General SW
MA = HP Management Agents
MI = Misc. 3rd Party SW
MP = HP MPE/iX
NS = HP NonStop Servers
OV = HP OpenVMS
PI = HP Printing & Imaging
ST = HP Storage SW
TL = HP Trusted Linux
TU = HP Tru64 UNIX
UX = HP-UX
VV = HP VirtualVault

System management and security procedures must be reviewed frequently to
maintain system integrity. HP is continually reviewing and enhancing the
security features of software products to provide customers with current
secure solutions.

"HP is broadly distributing this Security Bulletin in order to bring to
the attention of users of the affected HP products the important
security information contained in this Bulletin. HP recommends that all
users determine the applicability of this information to their
individual situations and take appropriate action. HP does not warrant
that this information is necessarily accurate or complete for all user
situations and, consequently, HP will not be responsible for any damages
resulting from user's use or disregard of the information provided in
this Bulletin. To the extent permitted by law, HP disclaims all
warranties, either express or implied, including the warranties of
merchantability and fitness for a particular purpose, title and
non-infringement."

(c)Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial
errors or omissions contained herein. The information provided is
provided "as is" without warranty of any kind. To the extent permitted
by law, neither HP or its affiliates, subcontractors or suppliers will
be liable for incidental,special or consequential damages including
downtime cost; lost profits;damages relating to the procurement of
substitute products or services; or damages for loss of data, or
software restoration. The information in this document is subject to
change without notice. Hewlett-Packard Company and the names of
Hewlett-Packard products referenced herein are trademarks of
Hewlett-Packard Company in the United States and other countries. Other
product and company names mentioned herein may be trademarks of their
respective owners.

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBRup/h+AfOvwtKn1ZEQIG7wCfcV9y+JLy5Cn0x3mzlkzhg3+bzdQAnjGN
lI8XfxkMzDH0Gw6Rcww4zxPm
=Fdy/
-----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c00771742
Version: 6

HPSBUX02153 SSRT061181 rev.6 - HP-UX Running Firefox, Remote Unauthorized Access or Elevation of Privileges or Denial of Service (DoS)

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2006-09-20
Last Updated: 2007-09-17

Potential Security Impact: Remote unauthorized access or elevation of privileges or Denial of Service (DoS)

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified in Firefox running on HP-UX. These vulnerabilities could be exploited remotely resulting in unauthorized access, elevation of privileges, or Denial of Service (DoS).

References: Mozilla Foundation Security Advisory (MFSA) 2006-20, 2006-22 to 2006-25, 2006-27 to 2006-39, 2006-41 to 2006-48, 2006-50 to 2006-62, 2006-64 to 2006-73, 2006-75, 2006-76, 2007-01 to 2007-09, 2007-11 to 2007-27.

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
- ->Firefox prior to v2.0.0.6 running on HP-UX B.11.11 and B.11.23.

BACKGROUND
For a PGP signed version of this security bulletin please write to: security-alert@hp.com

For further information please refer to: http://www.mozilla.org/projects/security/known-vulnerabilities.html

AFFECTED VERSIONS

HP-UX B.11.11
HP-UX B.11.23
============
Firefox.FFOX-COM
- ->action: install revision 2.0.0.6 or subsequent
- -> URL: ftp://ftp.mozilla.org/pub/mozilla.org/firefox/releases/2.0.0.6/contrib/

END AFFECTED VERSIONS

RESOLUTION
- ->Preliminary versions of Firefox v2.0.0.6 are available to resolve the potential vulnerabilities. These preliminary versions have received minimal testing and are localized for English only. The preliminary versions are available for download from the following url:
ftp://ftp.mozilla.org/pub/mozilla.org/firefox/releases/2.0.0.6/contrib/

For HP-UX B.11.23 (IA):
- -> ffox_200600alpha_ia.depot
- -> ffox_200600alpha_ia.depot.readme

For HP-UX B.11.11 and B.11.23 (PA):
- -> ffox_200600alpha_pa.depot
- -> ffox_200600alpha_pa.depot.readme

- ->This security bulletin will be revised when fully tested and localized versions of Firefox v2.0.0.6 or subsequent for HP-UX are available.

- ->The most recent fully tested and localized Firefox (v2.0.0.4) is available here:
http://www.hp.com/products1/unix/java/firefox/index.html

MANUAL ACTION: Yes - Update
- ->Install Firefox v2.0.0.6

PRODUCT SPECIFIC INFORMATION

HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa

HISTORY
Version:1 (rev.1) - 20 September 2006 Initial release
Version:2 (rev.2) - 29 November 2006 preliminary Firefox v1.5.0.8 available
Version:3 (rev.3) - 27 February 2007 preliminary Firefox v1.5.0.9 available
Version:4 (rev.4) - 18 July 2007 preliminary Firefox v2.0.0.4 available
Version:5 (rev.5) - 22 August 2007 fully tested and localized Firefox v2.0.0.4 available
Version:6 (rev.6) - 17 September 2007 preliminary Firefox v2.0.0.6 available

Support: For further information, contact normal HP Services support channel.

Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email:
http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC
On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches
- check ALL categories for which alerts are required and continue.
Under Step2: your ITRC operating systems
- verify your operating system selections are checked and save.

To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php
Log in on the web page: Subscriber's choice for Business: sign-in.
On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.

To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do

* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:

System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."

Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBRu7fmeAfOvwtKn1ZEQLqCACgja4PqjL61FD904sMWBo1P9XVBogAn0KB
wbPbv73o33SZAGaSYqXyBEqX
=z/C4
-----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c01167886
Version: 1

HPSBUX02259 SSRT071439 rev.1 - HP-UX Running logins(1M), Remote Unauthorized Access

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2007-09-18
Last Updated: 2007-09-18

Potential Security Impact: Remote unauthorized access.

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
A potential security vulnerability has been identified in HP-UX running the logins(1M) command. This command incorrectly reports password status. As a result password issues may not be detected, allowing remote unauthorized access.

References: none

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.11, B.11.23, B.11.31 running logins(1M)

BACKGROUND

The logins(1m) command incorrectly reports password status. As a result password issues may not be detected, allowing remote unauthorized access.

To determine if an HP-UX system has an affected version, search the output of "swlist -a revision -l fileset" for one of the filesets listed below. For affected systems verify that the recommended action has been taken.

AFFECTED VERSIONS

HP-UX B.11.11
=============
SOE.SOE
action: install PHCO_36809 or subsequent

HP-UX B.11.23
=============
SOE.SOE
action: install PHCO_36808 or subsequent

HP-UX B.11.31
=============
SOE.SOE
action: install PHCO_36003 or subsequent

END AFFECTED VERSIONS

RESOLUTION
HP has made the following patches available to resolve the issue.
The patches are available on: http://itrc.hp.com

B.11.11 PHCO_36809 or subsequent
B.11.23 PHCO_36808 or subsequent
B.11.31 PHCO_36003 or subsequent

MANUAL ACTIONS: No

PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa

HISTORY
Version: 1 (rev.1) - 18 September 2007 Initial release

Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information.
To get the security-alert PGP key, please send an e-mail message as follows:
To: security-alert@hp.com
Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email:
http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC
On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches
-check ALL categories for which alerts are required and continue.
Under Step2: your ITRC operating systems
-verify your operating system selections are checked and save.

To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php
Log in on the web page: Subscriber's choice for Business: sign-in.
On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.

To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do

* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:

System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."

(c)Copyright 2007 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBRvEwTuAfOvwtKn1ZEQKphwCgsp88BcR8gBECRJL75E/Bx82nkbgAn3yF
6uItIyJU865k5zeF/dfNmPgJ
=kpvL
-----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c01123426
Version: 2

HPSBUX02251 SSRT071449 rev.2 - HP-UX Running BIND, Remote DNS Cache Poisoning

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2007-08-01
Last Updated: 2007-09-10

Potential Security Impact: Remote DNS cache poisoning

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
A potential vulnerability has been identified with HP-UX running BIND. The vulnerability could be exploited remotely to cause DNS cache poisoning.

References: CVE-2007-2926

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.11, B.11.23, B.11.31 running BIND v9.2 or BIND v9.3

BACKGROUND

To determine if a system has an affected version, search the output of "swlist -a revision -l fileset" for an affected fileset. Then determine if the recommended patch or update is installed.

AFFECTED VERSIONS

For BIND v9.2.0

HP-UX B.11.11
=============
BINDv920.INETSVCS-BIND
- ->action: install BIND920_v10.depot

HP-UX B.11.23
=============
InternetSrvcs.INETSVCS2-RUN
- ->action: install PHNE_36973 or subsequent

For BIND v9.3.2

HP-UX B.11.11
=============
BindUpgrade.BIND-UPGRADE
- ->action: install revision C.9.3.2.2.0 or subsequent
URL: http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=BIND

HP-UX B.11.23
=============
BindUpgrade.BIND2-UPGRADE
- ->action: install revision C.9.3.2.2.0 or subsequent
URL: http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=BIND

HP-UX B.11.31
=============
NameService.BIND-RUN
action: install named binary file

END AFFECTED VERSIONS

RESOLUTION
HP has provided the following software updates and patches to resolve the vulnerability.

The patch is available from http://itrc.hp.com

The updates are available from http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=BIND

- ->BIND v9.2.0
HP-UX B.11.11
contact HP Support to receive BIND920_v10.depot or upgrade to BIND v9.3.2 revision C.9.3.2.2.0 or subsequent

- ->BIND v9.2.0
HP-UX B.11.23
install PHNE_36973 or subsequent

- ->BIND v9.3.2
HP-UX B.11.11
install revision C.9.3.2.2.0 or subsequent

- ->BIND v9.3.2
HP-UX B.11.23
install revision C.9.3.2.2.0 or subsequent

BIND v9.3.2
HP-UX B.11.31
install named as discussed below

Until a patch or upgrade is released for HP-UX B.11.31, HP has made binary files available to resolve the vulnerability. Please use the following process to download and install the binary file.

1. Download the appropriate named file from this ftp site into a secure directory:
ftp://ss071449:ss071449@hprc.external.hp.com/

2. Unpack using gunzip and verify the cksum or md5sum:

1406468692 4225172 named_9.3.2_11.31IA
400611368 2269184 named_9.3.2_11.31PA

MD5 (named_9.3.2_11.31IA) = 9bd93b513fde895ebc32602824db3341
MD5 (named_9.3.2_11.31PA) = 81041c98b5699d90e0d90cca14f90d18

3. Stop the DNS server:

If named is normally started and stopped during system reboot, use this command:
/sbin/init.d/named stop

If rndc is in use, from the managing server issue ths command:
rndc stop

If not using rndc enter this command as root on the system running named:
sig_named kill

4. Confirm that named is no longer running:

ps -ef | grep named
Ignore any lines containing 'grep named'.

5. Replace named with the appropriate downloaded file.

Confirm that the downloaded file has permissions/ower/group of '544 bin bin'. Set the ownership and permissions if necessary.

cp <downloaded file> /usr/sbin/named

6. Restart named

If named is normally started during the system reboot: /sbin/init.d/named start

Otherwise, restart named using procedures established for the system.

MANUAL ACTIONS: Yes - NonUpdate
BIND v9.2.0 HP-UX B.11.11 - contact HP Support or upgrade to BIND v9.3.2 BIND v9.3.2 HP-UX B.11.31 - install named file

PRODUCT SPECIFIC INFORMATION

HISTORY
Version: 1 (rev.1) - 1 August 2007 Initial release
Version: 2 (rev.2) - 10 September 2007 patch and updates available

Third Party Security Patches:
Third party security patches which are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

Support: For further information, contact normal HP Services support channel.

To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php
Log in on the web page: Subscriber's choice for Business: sign-in.
On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.

To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do

* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:

System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."

iQA/AwUBRvJxzOAfOvwtKn1ZEQK3rwCgjVNsRwinVAyQUv9Fa3C2ySCgCRIAoIkM
AchhoiHbS0dhICr3fuQ2WLPZ
=OQ71
-----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c01118367
Version: 2

HPSBUX02249 SSRT071442 rev.2 - HP-UX Running the Ignite-UX or the DynRootDisk (DRD) get_system_info Command, Local Unqualified Configuration Change

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2007-08-20
Last Updated: 2007-09-12

Potential Security Impact: Local unqualified configuration change

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
A potential security vulnerability has been identified in HP-UX running the Ignite-UX or the DynRootDisk (DRD) get_system_info command. This command can change system networking parameters without notification.

References: none

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.11, B.11.23, B.11.31 running the Ignite-UX vC.7.0, vC.7.1, vC.7.2, vC.7.3 or the DynRootDisk (DRD) vA.1.0.16.417, vA.1.0.18.245, vA.1.1.0.344, vA.2.0.0.592 get_system_info command.

BACKGROUND

The get_system_info command is executed by the following commands:
make_net_recovery
make_tape_recovery
save_config
drd

AFFECTED VERSIONS

HP-UX B.11.11
HP-UX B.11.23
HP-UX B.11.31
=============
Ignite-UX.MGMT-TOOLS,revision=C.7.0.212
- ->Ignite-UX.MGMT-TOOLS,revision=C.7.1.93
- ->Ignite-UX.MGMT-TOOLS,revision=C.7.2.94
Ignite-UX.MGMT-TOOLS,revision=C.7.3.144
action: use the script from the Resolution to work around the vulnerability

HP-UX B.11.23
HP-UX B.11.31
=============
DRD.DRD-RUN,revision=A.1.0.16.417
DRD.DRD-RUN,revision=A.1.0.18.245
DRD.DRD-RUN,revision=A.1.1.0.344
DRD.DRD-RUN,revision=A.2.0.0.592
action: use the script from the Resolution to work around the vulnerability

END AFFECTED VERSIONS

RESOLUTION
Until an update is available, HP has made the following workaround procedure available to resolve the issue.

- -> Note: The script has changed. The script recommended in rev.1 of this Security Bulletin did not correctly check the HP Ignite-UX revision number. The original script would only install itself on HP Ignite-UX revision C.7.3.144. The new script documented below will work properly on all vulnerable revisions of HP Ignite-UX. Either the old or new script will work correctly with DynRootDisk.

- ->The procedure below moves the get_system_info program to another directory and replaces it with a script. The script temporarily disables the autopush program, runs the original get_system_info, and then enables autopush. By running the original get_system_info program with antopush disabled the vulnerability is avoided. More details are documented in the script.

1. Download the script "get_system_info.wrapper" from the following ftp site:
ftp://ss071442:ss071442@hprc.external.hp.com/

2 .Verify the cksum or md5 sum:
- ->cksum: 2284708550 5344 get_system_info.wrapper
- ->MD5 (get_system_info.wrapper) = 6ed1dfc6508e2cb45f8624a8ed31611f

- ->The new script contains this line:
# @(#) $Date: 2007-09-11 10:30:49 -0600 (Tue, 11 Sep 2007) $ $Revision: 71524 $

3. As root, copy the script into a secure directory.

4. As root, run the script. The script will display the files it is replacing.

For example:

#$secure_directory/get_system_info.wrapper
Replacing /opt/ignite/lbin/get_system_info with $secure_directory/get_system_info.wrapper
Replacing /opt/drd/lbin/get_system_info with $secure_directory/get_system_info.wrapper

where $secure_directory is the path to the secure directory containing the script.

5. The script must be executed whenever a vulnerable version of the fileset Ignite-UX.MGMT-TOOLS or the fileset DRD.DRD-RUN is reinstalled.

MANUAL ACTIONS: Yes - NonUpdate
Use script in Resolution section to work around the vulnerability

PRODUCT SPECIFIC INFORMATION

HISTORY
Version: 1 (rev.1) - 20 August 2007 Initial release
Version: 2 (rev.2) - 12 September 2007 new script, corrected revision numbers

Support: For further information, contact normal HP Services support channel.

Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email:
http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC
On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches
-check ALL categories for which alerts are required and continue.
Under Step2: your ITRC operating systems
-verify your operating system selections are checked and save.

To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php
Log in on the web page: Subscriber's choice for Business: sign-in.
On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.

To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do

* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:

System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."

Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBRvKAjOAfOvwtKn1ZEQJL8QCguqrBtCaURxza0THyJ6UJb3TPnCsAoJrl
FcfVhIiFSVH+XTKbNZfKphxr
=PFLh
-----END PGP SIGNATURE-----

This advisory contains information released by the original author. Some of the information may have changed since it was released. If the issue affects you, it may be prudent to retrieve the advisory from the site of the original source to ensure that you receive the most current information concerning that problem. Reference to any specific commercial product, process, or service by trade name, trademark manufacturer, or otherwise, does not constitute or imply its endorsement, recommendation, or favouring by CPNI.

The views and opinions of authors expressed within this notice shall not be used for advertising or product endorsement purposes. CPNI shall not accept responsibility for any errors or omissions contained within this advisory. In particular, they shall not be liable for any loss or damage whatsoever, arising from or in connection with the usage of information contained within this advisory.

CSIRTUK is a member of the Forum of Incident Response and Security Teams (FIRST) and has contacts with other international Incident Response Teams (IRTs) in order to foster cooperation and coordination in incident prevention, to prompt rapid reaction to incidents, and to promote information sharing amongst its members and the community at large.