Secunia Security Advisory - A security issue has been reported in HP-UX, which can lead to an insecure configuration.
0344d3119b610ea986240699a3764d94639c615f9f6a53ec6b4534bfb0225297
----------------------------------------------------------------------
Want a new job?
http://secunia.com/secunia_security_specialist/
http://secunia.com/hardcore_disassembler_and_reverse_engineer/
International Partner Manager - Project Sales in the IT-Security
Industry:
http://corporate.secunia.com/about_secunia/64/
----------------------------------------------------------------------
TITLE:
HP-UX System Administration Manager Security Issue
SECUNIA ADVISORY ID:
SA31309
VERIFY ADVISORY:
http://secunia.com/advisories/31309/
CRITICAL:
Less critical
IMPACT:
Security Bypass
WHERE:
>From local network
OPERATING SYSTEM:
HP-UX 11.x
http://secunia.com/product/138/
DESCRIPTION:
A security issue has been reported in HP-UX, which can lead to an
insecure configuration.
The security issue is caused due to an error if the System
Administration Manager (SAM) is used to configure NFS. This can
result in an insecure configuration allowing unintended access to all
systems.
The security issue is reported in HP-UX B.11.11 and B.11.23 running
SAM.
SOLUTION:
HP-UX B.11.11 (11i v1):
Install PHCO_36562 or subsequent and change NFS configuration as
needed.
HP-UX B.11.23 (11i v2):
Install PHCO_36563 or subsequent and change NFS configuration as
needed.
PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.
ORIGINAL ADVISORY:
HPSBUX02286 SSRT071466:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01367453
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------