Ignite-UX bug in HP-9000 Series700/800 running release HP-UX 11.X only. Each password field in /etc/passwd should be "*" in a trusted system. This is normally handled automatically. One way for the password field to be set to a blank is to create a system image of a trusted system with Ignite-UX and not save /etc/passwd.
b11a24cc1c75ed0842663732f1a37175e911393590dd0651271d4b3a4c315e19<!DOCTYPE HTML PUBLIC "html.dtd">
<HTML>
<BODY BGCOLOR="#000000" TEXT="#FFFFFF"><PRE>
<FONT COLOR="#CC0000">COMMAND</FONT>
Ignite-UX
<FONT COLOR="#CC0000">SYSTEMS AFFECTED</FONT>
HP-9000 Series700/800 running release HP-UX 11.X only
<FONT COLOR="#CC0000">PROBLEM</FONT>
Following is based on HP Support Information Digests. Trusted
systems may have vulnerabilities if a password field in
/etc/passwd is blank.
Each password field in /etc/passwd should be "*" in a trusted
system. This is normally handled automatically. One way for
the password field to be set to a blank is to create a system
image of a trusted system with Ignite-UX and not save /etc/passwd.
By default Ignite-UX omits /etc/passwd.
<FONT COLOR="#CC0000">SOLUTION</FONT>
In a trusted system if the system or the /etc/passwd file has been
restored, verify that the password fields in /etc/passwd are "*".
If Ignite-UX is used to create an image of a trusted system,
_override_the_default_ so that /etc/passwd is saved in the image.
See man(1M) make_sys_image and note the -f file option.
</PRE></BODY>
</HTML>
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed