exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

002

002
Posted Sep 23, 1999

002

SHA-256 | 1d9f7c111e19745fdd8f6baa49780cfb34f9d055c4e137973d8947fd2fbb4073

002

Change Mirror Download
From support@us.external.hp.com Wed Mar 13 01:01:40 1996
Date: Wed, 13 Mar 1996 01:09:35 -0800
From: HPSL Mail Service <support@us.external.hp.com>
Reply to: support-feedback@us.external.hp.com
To: Damien Sorder <jericho@netcom.com>
Subject: RE: send doc HPSBUX9312-002

--------
## Regarding your request:
Send Doc HPSBUX9312-002

The following are the results of your request from the HP SupportLine mail
service.

===============================================================================
Document Id: [HPSBUX9312-002]
Date Loaded: [02-05-94]

Description: Security Vulnerability in Xterm
===============================================================================

-------------------------------------------------------------------------
HEWLETT-PACKARD SECURITY BULLETIN: #00002, 30 November 93
REVISED 01 December 93
-------------------------------------------------------------------------

_______________________________________________________________________
PROBLEM: Security vulnerability in xterm in all releases of HP-UX
PLATFORM: HP 9000 series 300/400s and 700/800s
DAMAGE: A vulnerability in the logging function of xterm exists
if the xterm operates as a setuid or setgid process.
The vulnerability allows local users to create files or
modify any existing files.
SOLUTION: Apply patch PHSS_3399 (series 700/800, HP-UX 9.x), or
PHNE_3408 (series 700 , HP-UX 8.x), or
PHNE_3409 (series 800 , HP-UX 8.x), or
PHSS_3410 (series 300/400, HP-UX 9.x), or
PHSS_3411 (series 300/400, HP-UX 8.x), or
remove the setuid permissions from xterm (releases of HP-UX
prior to 8.0)
Note: Removing the setuid permissions may create another
vulnerability. The only solution without known
or suspected vulnerabilities is to install the patch.
AVAILABILITY: PHSS_3399 and PHSS_3410 are available now. The other
patches are estimated to be available by 07 December.
_______________________________________________________________________
I. Xterm Update


A. Recent CERT advisory on Xterm

A recent CERT advisory (CERT CA-93:17) described a vulnerability
in the logging function of xterm for X Version 11, Release 5 (X11R5)
and earlier versions of X11. The vulnerability allows local users
to create files or modify any existing files. If the setuid or setgid
privilege bit is not set on the xterm program, the vulnerability cannot
be exploited.

It has been found that all HP-UX systems have this xterm
vulnerability.

B. Fixing the problem

The vulnerability can be eliminated from releases 8.x and 9.x of
HP-UX by applying a patch. Releases of HP-UX prior to 8.0 must
modify the xterm permissions (chmod 555 /usr/bin/X11/xterm).

Hewlett-Packard recommends that all customers concerned with the
security of their HP-UX systems either apply the appropriate
patch or change the xterm permissions as soon as possible.

Removing the setuid permission from xterm prevent it from
making entries in utmp. This means that commands that depend
on utmp, such as who(1), may not function as expected.

C. How to Install the Patch (for HP-UX 8.x and 9.x)

(NOTE: Since some patches will not be available until about
December 07, HP-UX 8.x and 9.x systems can be protected until
that time by removing the setuid permissions from xterm.)

1. Determine which patch is appropriate for your hardware platform
and operating system:

PHSS_3399 (series 700/800, HP-UX 9.x)
PHNE_3408 (series 700 , HP-UX 8.x)
PHNE_3409 (series 800 , HP-UX 8.x)
PHSS_3410 (series 300/400, HP-UX 9.x)
PHSS_3411 (series 300/400, HP-UX 8.x)

2. Get a copy of the patch from one of the following locations:

a. Auto-Patch Email
If you know the name of the patch needed, Email to
hprc_patch@hprc.atl.hp.com with the subject of the message
stated as "patch phkl_9999 rchandle" where phkl_9999 is the patch
name, rchandle is your Response Center system identifier or
company name if you are not currently under Response
Center support. It will automatically be emailed back to you.

b. HP SupportLine

Effective early 1993, all new patches are loaded on HPSL. If
you don't have HPSL access or need to know how to sign on, in
the U.S. you can call the following numbers:

Response Center Customers: 1-800-633-3600
BasicLine Customers: 1-415-691-3888

Outside the U.S., contact your local Response Center.

Note that a list of patches can be obtained at any time by
emailing to hprc_patch@hprc.atl.hp.com with the subject of
the message stated as "p-list rchandle", where rchandle is
your Response Center system identifier or your company name
if you are not currently under Response Center support.
The list will automatically be emailed back to you. The list
includes a short description of the patch. A more detailed
patch description is included in the patch itself.

3. Apply the patch to your HP-UX system.

4. Examine /tmp/update.log for any relevant WARNINGs or ERRORs. This
can be done as follows:

a. At the shell prompt, type "tail -60 /tmp/update.log | more"
b. Page through the next three screens via the space bar, looking
for WARNING or ERROR messages.



D. Impact of the patch and workaround

The patch for HP-UX releases 8.x and 9.x provides a new version of
/usr/lib/X11/xterm which fixes the vulnerability. No patches will be
available for versions of HP-UX prior to 8.0.
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close