the original cloud security

96-08

96-08
Posted Sep 23, 1999

96-08

MD5 | 6c8e11dec7b8504e2c298a5cfbd62a86

96-08

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----

- ---EXTERNAL RELEASE---EXTERNAL RELEASE---EXTERNAL RELEASE---EXTERNAL RELEASE---

======= ============ ====== ======
======= ============== ======= =======
=== === ==== ====== ======
=== =========== ======= =======
=== =========== === ======= ===
=== === ==== === ===== ===
======= ============== ===== === =====
======= ============ ===== = =====

EMERGENCY RESPONSE SERVICE
OUTSIDE ADVISORY REDISTRIBUTION

25 July 1996 12:00 GMT Number: ERS-OAR-E01-1996:008.1
===============================================================================

The IBM-ERS Outside Advisory Redistribution is designed to provide customers
of the IBM Emergency Response Service with access to the security advisories
sent out by other computer security incident response teams, vendors, and
other groups concerned about security.

IBM makes no representations and assumes no responsibility for the contents or
accuracy of the advisories themselves.

IBM-ERS is forwarding the following information from Hewlett-Packard. Contact
information for Hewlett-Packard is included in the forwarded text below; please
contact them if you have any questions or need further information.

===============================================================================

********************** FORWARDED INFORMATION STARTS HERE **********************

===============================================================================
***HP SupportLine Mail Service Notice***

This digest contains a summary of all newly received Security Bulletins.

You do not have to have any form of support from Hewlett-Packard to subscribe
to this digest or to procure the recommended patches via the HP SupportLine
mail service.

- -------------------------------------------------------------------------------

To obtain a copy of the HP SupportLine mail service user's guide, send the
following (in the TEXT PORTION OF THE MESSAGE to) to the HP SupportLine mail
service.

To: support@us.external.hp.com

Message Text:

send guide

- -------------------------------------------------------------------------------

To obtain a patch identified within this Security Bulletin, send the following
(in the TEXT PORTION OF THE MESSAGE) to the HP SupportLine mail service.

To: support@us.external.hp.com

Message Text:

send xxxxxxxxxxxx

(where xxxxxxxxxxxx represents the specified patch name).

- -------------------------------------------------------------------------------

If you have concerns about security issues, please forward them to:

security-alert@hp.com

The security-alert node is monitored during working hours Pacific Daylight Time
by multiple HP Security Response Team personnel. We reply to your message only
if necessary to obtain additional information.

- -------------------------------------------------------------------------------

If you would like to be REMOVED from this mailing lists, send the following (in
the TEXT PORTION OF THE MESSAGE) to the HP SupportLine mail service.

To: support@us.external.hp.com

Message Text:

unsubscribe security_info

===============================================================================

Digest Name: security_info
Description: Daily Security Bulletins Digest
Created: Wed Jul 24 03:00:01 1996 PDT

- -------------------------------------------------------------------------------
Summary of 'Daily Security Bulletins Digest' documents
- -------------------------------------------------------------------------------
Document Id Description Page 1
- -------------------------------------------------------------------------------
HPSBUX9607-035 Security Vulnerability in nettune executable
HPSBUX9607-034 Security Vulnerability in SAM remote admin
===============================================================================
Detailed list of 'Daily Security Bulletins Digest' documents
===============================================================================
Document Id: [HPSBUX9607-035]
Date Loaded: [07-24-96]

Description: Security Vulnerability in nettune executable
===============================================================================

- -------------------------------------------------------------------------
HEWLETT-PACKARD SECURITY ADVISORY: HPSBU0796-035, 22 July 1996
- -------------------------------------------------------------------------

The information in the following Security Advisory should be acted upon
as soon as possible. Hewlett Packard will not be liable for any
consequences to any customer resulting from customer's failure to fully
implement instructions in this Security Advisory as soon as possible.

- -------------------------------------------------------------------------
PROBLEM: Incorrect permissions on nettune executable

PLATFORM: HP 9000/700 and 9000/800 systems running operating system
version 10.0 or 10.01 of HP-UX.

DAMAGE: The configuration of various networking parameters could be
modified by non-root users.

SOLUTION: Login as root user and issue the following commands:

chmod 555 /usr/contrib/bin/nettune
chown bin /usr/contrib/bin/nettune

AVAILABILITY: Not applicable

- -------------------------------------------------------------------------

I. Nettune

A. Background

The nettune program is a utility program that allows non-root
users to examine and root users to modify several items that
affect networking. The nettune binary that ships with HP-UX
10.0 and 10.01 has incorrect permission attributes that allow
non-root users to modify networking parameters which only root
users should be able to modify. Operating systems released
after 10.01, such as HP-UX 10.10, correctly set the permissions
on this program file and are therefore not vulnerable.


B. Fixing the problem

The fix for this problem is to modify the owner and execution
permissions of the nettune binary itself. This can easily be
accomplished using the chown and chmod commands listed below.


C. Recommended solution

Login as root user and issue the following commands:

chmod 555 /usr/contrib/bin/nettune
chown bin /usr/contrib/bin/nettune


D. To subscribe to automatically receive future NEW HP Security
Bulletins from the HP SupportLine mail service via electronic
mail, send an email message to:

support@us.external.hp.com (no Subject is required)

Multiple instructions are allowed in the TEXT PORTION OF THE
MESSAGE, here are some basic instructions you may want to use:

To add your name to the subscription list for new security
bulletins, send the following in the TEXT PORTION OF THE MESSAGE:

subscribe security_info

To retrieve the index of all HP Security Bulletins issued to
date, send the following in the TEXT PORTION OF THE MESSAGE:

send security_info_list

To get a patch matrix of current HP-UX and BLS security
patches referenced by either Security Bulletin or Platform/OS,
put the following in the text portion of your message:

send hp-ux_patch_matrix

World Wide Web service for browsing of bulletins
is available via our URL:
(http://us.external.hp.com)

Choose "Support news", then under Support news,
choose "Security Bulletins"


E. To report new security vulnerabilities, send email to

security-alert@hp.com

Please encrypt exploit information using the security-alert PGP
key, available from your local key server, or by sending a
message with a -subject- (not body) of 'get key' (no quotes) to
security-alert@hp.com.


Permission is granted for copying and circulating this Bulletin to
Hewlett-Packard (HP) customers (or the Internet community) for the
purpose of alerting them to problems, if and only if, the Bulletin
is not edited or changed in any way, is attributed to HP, and
provided such reproduction and/or distribution is performed for
non-commercial purposes.

Any other use of this information is prohibited. HP is not liable
for any misuse of this information by any third party.

===============================================================================
Document Id: [HPSBUX9607-034]
Date Loaded: [07-24-96]

Description: Security Vulnerability in SAM remote admin
===============================================================================

- -----------------------------------------------------------------------
HEWLETT-PACKARD SECURITY BULLETIN: #HPSBUX9607-034, 22 July 1996
- -----------------------------------------------------------------------

The information in the following Security Bulletin should be acted upon
as soon as possible. Hewlett Packard will not be liable for any
consequences to any customer resulting from customer's failure to fully
implement instructions in this Security Bulletin as soon as possible.

- -----------------------------------------------------------------------
PROBLEM: Vulnerabilities in SAM remote administration.
PLATFORM: HP 9000/300/400/700 and 800 systems running any currently
supported version of HP-UX 9.X and 10.X.
DAMAGE: The security of the enterprise and its applications could
be compromised.
SOLUTION: Follow the procedure below.

AVAILABILITY: Not applicable

- -----------------------------------------------------------------------
I. Mailing list discussions

A. Background

It has recently come to the attention of Hewlett-Packard that
remote administration of cluster nodes via SAM (System
Administration Manager) is done with a now widely known
password. There is a default account password used in the
currently shipping SAM binary. That user gets created via rsh
on the remote machine.

B. Recommended workaround

Hewlett-Packard strongly recommends that administrators concerned
with the security of their enterprise either:
a) do not configure remote administration, or
b) replace that existing password field in /etc/passwd with an
asterisk (*)

Hewlett-Packard is working to deliver new scheme in a future
release of the SAM product.

C. To subscribe to automatically receive future NEW HP Security
Bulletins from the HP SupportLine mail service via electronic
mail, send an email message to:

support@us.external.hp.com (no Subject is required)

Multiple instructions are allowed in the TEXT PORTION OF THE
MESSAGE, here are some basic instructions you may want to use:

To add your name to the subscription list for new security
bulletins, send the following in the TEXT PORTION OF THE MESSAGE:

subscribe security_info

To retrieve the index of all HP Security Bulletins issued to
date, send the following in the TEXT PORTION OF THE MESSAGE:

send security_info_list

To get a patch matrix of current HP-UX and BLS security
patches referenced by either Security Bulletin or Platform/OS,
put the following in the text portion of your message:

send hp-ux_patch_matrix

World Wide Web service for browsing of bulletins
is available via our URL:
(http://us.external.hp.com)

Choose "Support news", then under Support news,
choose "Security Bulletins"


D. To report new security vulnerabilities, send email to

security-alert@hp.com

Please encrypt exploit information using the security-alert PGP
key, available from your local key server, or by sending a
message with a -subject- (not body) of 'get key' (no quotes) to
security-alert@hp.com.


Permission is granted for copying and circulating this Bulletin to
Hewlett-Packard (HP) customers (or the Internet community) for the
purpose of alerting them to problems, if and only if, the Bulletin
is not edited or changed in any way, is attributed to HP, and
provided such reproduction and/or distribution is performed for
non-commercial purposes.

Any other use of this information is prohibited. HP is not liable
for any misuse of this information by any third party.

*********************** FORWARDED INFORMATION ENDS HERE ***********************

===============================================================================

IBM's Internet Emergency Response Service (IBM-ERS) is a subscription-based
Internet security response service that includes computer security incident
response and management, regular electronic verification of your Internet
gateway(s), and security vulnerability alerts similar to this one that are
tailored to your specific computing environment. By acting as an extension
of your own internal security staff, IBM-ERS's team of Internet security
experts helps you quickly detect and respond to attacks and exposures across
your Internet connection(s).

As a part of IBM's Business Recovery Services organization, the IBM Internet
Emergency Response Service is a component of IBM's SecureWay(tm) line of
security products and services. From hardware to software to consulting,
SecureWay solutions can give you the assurance and expertise you need to
protect your valuable business resources. To find out more about the IBM
Internet Emergency Response Service, send an electronic mail message to
ers-sales@vnet.ibm.com, or call 1-800-742-2493 (Prompt 4).

IBM-ERS maintains a site on the World Wide Web at http://www.ers.ibm.com/.
Visit the site for information about the service, copies of security alerts,
team contact information, and other items.

IBM-ERS uses Pretty Good Privacy* (PGP*) as the digital signature mechanism for
security vulnerability alerts and other distributed information. The IBM-ERS
PGP* public key is available from http://www.ers.ibm.com/team-info/pgpkey.html.
"Pretty Good Privacy" and "PGP" are trademarks of Philip Zimmerman.

IBM-ERS is a Member Team of the Forum of Incident Response and Security Teams
(FIRST), a global organization established to foster cooperation and response
coordination among computer security teams worldwide.

The information in this document is provided as a service to customers of
the IBM Emergency Response Service. Neither International Business Machines
Corporation, Integrated Systems Solutions Corporation, nor any of their
employees, makes any warranty, express or implied, or assumes any legal
liability or responsibility for the accuracy, completeness, or usefulness of
any information, apparatus, product, or process contained herein, or
represents that its use would not infringe any privately owned rights.
Reference herein to any specific commercial products, process, or service by
trade name, trademark, manufacturer, or otherwise, does not necessarily
constitute or imply its endorsement, recommendation or favoring by IBM or
its subsidiaries. The views and opinions of authors expressed herein do not
necessarily state or reflect those of IBM or its subsidiaries, and may not be
used for advertising or product endorsement purposes.

- ---EXTERNAL RELEASE---EXTERNAL RELEASE---EXTERNAL RELEASE---EXTERNAL RELEASE---

-----BEGIN PGP SIGNATURE-----
Version: 2.7.1

iQCVAwUBMfdf7/WDLGpfj4rlAQFiCgQAy2nJUqK2nQdQl+lAzZFSYtk9twkspyZj
ftUAfl3nWXsD1f8xnz87qe97/c2cVS7JCE0W7iWh3k9O5w9nalXqe/7lSGPXb72S
QWHMoWdgJKY2aNOOXL0OPRTQHCIsoz2RBEnkNGX7T4FUsieAYlA/anTxV6qtiV2E
SVSQQk3FtNE=
=kvv3
-----END PGP SIGNATURE-----

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    6 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close