015
fb1b804a59df7144591efe6331724b7cd09b1ede2bc74ed2c9a3f2dea78440a9
From support@us.external.hp.com Wed Mar 13 00:58:52 1996
Date: Wed, 13 Mar 1996 01:01:52 -0800
From: HPSL Mail Service <support@us.external.hp.com>
Reply to: support-feedback@us.external.hp.com
To: Damien Sorder <jericho@netcom.com>
Subject: RE: send doc HPSBUX9407-015
--------
## Regarding your request:
Send Doc HPSBUX9407-015
The following are the results of your request from the HP SupportLine mail
service.
===============================================================================
Document Id: [HPSBUX9407-015]
Date Loaded: [07-15-94]
Description: Xauthority problem
===============================================================================
-------------------------------------------------------------------------
HEWLETT-PACKARD SECURITY BULLETIN: #00015, 13 July 94
-------------------------------------------------------------------------
Hewlett-Packard recommends that the information in the following
Security Bulletin should be acted upon as soon as possible. Hewlett-
Packard will not be liable for any consequences to any customer resulting
from customer's failure to fully implement instructions in this Security
Bulletin as soon as possible.
_______________________________________________________________________
PROBLEM: Xauthority problem in series 700, hp-ux 9.X.
PLATFORM: HP 9000 700
DAMAGE: Under certain conditions Xauthority will not be enabled.
The vulnerability allows users logged onto the X server's
system to access the display without providing the
Xauthority code.
SOLUTION: Apply patch PHSS_4485 (hp-ux_patches/s700/9.X/PHSS_4485)
AVAILABILITY: PHSS_4485 is available now.
_______________________________________________________________________
How to Install the Patch
1. Get a copy of the patch from one of the following locations:
a. HP SupportLine Mail Service
To obtain the patch, send the following in the TEXT PORTION
OF THE MESSAGE to support@support.mayfield.hp.com
(no Subject is required):
send PHSS_4485
It will automatically be emailed back to you. Note that
users may also download the patch from HP SupportLine via
ftp, kermit, or uucp.
b. Response Center Support
If you need additional assistance and have a support
contract, you can contact your local Response Center for
further help.
2. The patch information is current as of July 13, 1994. You
should list the patch:
more PHSS_4485
If it has been replaced there will be banner text saying:
OBSOLETE
REPLACED
BY
PHSS_NNNN
3. Apply the patch to your HP-UX system. The complete instructions
for applying the patch are in PHSS_4485.text.
4. Examine /tmp/update.log for any relevant WARNINGs or ERRORs. This
can be done as follows:
a. At the shell prompt, type "tail -60 /tmp/update.log | more"
b. Page through the next three screens via the space bar, looking
for WARNING or ERROR messages.
-----------------------------------------------------------------------
To subscribe to automatically receive NEW future HP Security Bulletins
from the HP SupportLine mail service via electronic mail, send the
following in the TEXT PORTION OF THE MESSAGE to
support@support.mayfield.hp.com (no Subject is required):
subscribe security_info
To retrieve the index of all HP Security Bulletins, send the following:
send security_info_list
To obtain a copy of the HP SupportLine mail service user's guide,
send the following:
send guide.txt
For security concerns, write to:
security-alert@hp.com
###########################################################################