SSRT2384 rev.2 HP-UX RPC remote Denial of Service (DoS)
From: Security Alert (secure_at_hpchs.cup.hp.com)
Date: 02/24/05
Date: Thu, 24 Feb 2005 12:42:27 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
HP SECURITY BULLETIN
HPSBUX01020 REVISION: 2
SSRT2384 rev.2 HP-UX RPC remote Denial of Service (DoS)
NOTICE:
There are no restrictions for distribution of this Security
Bulletin provided that it remains complete and intact.
The information in this Security Bulletin should be acted upon
as soon as possible.
INITIAL RELEASE:
22 February 2005
POTENTIAL SECURITY IMPACT:
remote Denial of Service (DoS)
SOURCE:
Hewlett-Packard Company
HP Software Security Response Team
VULNERABILITY SUMMARY:
A potential security vulnerability has been identified with HP-UX
running RPC services, where the vulnerability may be exploited by
an unauthorized remote user to create a denial of service (DoS).
REFERENCES:
CERT VU#266817
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.00, B.11.04, B.11.11, B.11.22, B.11.23.
BACKGROUND:
The patches listed below provide the non-blocking I/O
functionality of ONC 2.3 in ONC 1.2. For this feature to be
enabled an application must use either rpc_control() or
svc_control(). New macros have been added for these APIs to
allow applications to work in non-blocking mode. The patches
deliver RPC daemons which have been recompiled to enable the
non-blocking I/O functionality.
AFFECTED VERSIONS
Note: To determine if a system has an affected version,
search the output of "swlist -a revision -l fileset"
for an affected fileset. Then determine if the
recommended patch or update is installed.
HP-UX B.11.23
For Integrity (IA) servers
=============
NFS.NFS-SHLIBS
action: install PHNE_30090 or subsequent
NFS.NIS2-CLIENT
NFS.NIS2-SERVER
NFS.NISPLUS2-CORE
action: install PHNE_30091 or subsequent
NFS.KEY-CORE
NFS.NFS2-CORE
NFS.NFS2-SERVER
action: install PHNE_30092 or subsequent
NFS.NFS2-CORE
action: install PHNE_30093 or subsequent
NFS.NFS2-SERVER
action: install PHNE_30094 or subsequent
HP-UX B.11.23
->For HP 9000 (PA) servers
=============
NFS.NFS-SHLIBS
NFS.NIS2-CLIENT
NFS.NIS2-SERVER
NFS.NISPLUS2-CORE
NFS.KEY-CORE
NFS.NFS2-CORE
NFS.NFS2-SERVER
->action: install PHKL_31500 or subsequent
HP-UX B.11.22
=============
NFS.NFS-PRG
NFS.NIS-SERVER
NFS.KEY-CORE
NFS.NFS-KRN
NFS.NFS-SHLIBS
NFS.NFS2-CLIENT
NFS.NFS2-CORE
NFS.NFS2-SERVER
NFS.NIS2-CLIENT
NFS.NIS2-CORE
NFS.NIS2-SERVER
NFS.NISPLUS2-CORE
action: install PHNE_29449 or subsequent
HP-UX B.11.11
=============
NFS.KEY-CORE
NFS.NFS-CLIENT
NFS.NFS-CORE
NFS.NFS-PRG
NFS.NFS-SERVER
NFS.NFS-SHLIBS
NFS.NIS-CLIENT
NFS.NIS-CORE
NFS.NIS-SERVER
NFS.NISPLUS-CORE
NFS.NFS-KRN
action: install PHNE_29211 or subsequent
HP-UX B.11.04
=============
NFS.NFS-CLIENT
NFS.KEY-CORE
NFS.NFS-SHLIBS
action: install PHNE_30808 or subsequent
HP-UX B.11.00
=============
OS-Core.CORE2-KRN
NFS.NFS-KRN
NFS.NFS-CLIENT
NFS.NFS-PRG
NFS.KEY-CORE
NFS.NISPLUS-CORE
NFS.NFS-SERVER
NFS.NFS-SHLIBS
NFS.NIS-CORE
NFS.NIS-CLIENT
NFS.NIS-SERVER
InternetSrvcs.INETSVCS-INETD
action: install PHNE_29210 or subsequent
END AFFECTED VERSIONS
RESOLUTION:
HP has made the following patches available from
http://itrc.hp.com to resolve the issue:
B.11.23 (IA) - PHNE_30090 or subsequent
B.11.23 (IA) - PHNE_30091 or subsequent
B.11.23 (IA) - PHNE_30092 or subsequent
B.11.23 (IA) - PHNE_30093 or subsequent
B.11.23 (IA) - PHNE_30094 or subsequent
->B.11.23 (PA) - PHKL_31500 or subsequent
B.11.22 - PHNE_29449 or subsequent
B.11.11 - PHNE_29211 or subsequent
B.11.04 - PHNE_30808 or subsequent
B.11.00 - PHNE_29210 or subsequent
MANUAL ACTIONS: No
BULLETIN REVISION HISTORY:
Revision 0: 27 April 2004
Initial release.
Revision 1: 08 June 2004
Added PHNE_30808.
Revision 2: 22 February 2005
Added PHKL_31500.
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1
iQA/AwUBQhx4Y+AfOvwtKn1ZEQKmegCdFrmDiaP65DcUiOF3UFHK+nF5IGUAoIFq
/28BHRQpC1QnmjpUMxX59M0s
=h/NE
-----END PGP SIGNATURE-----
-- Yours truly, HP S/W Security Team WTEC Cupertino, California Return-Path: secure@cup.hp.com Reply-to: security-alert@hp.com
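The check described in the AFFECTED VERSIONS note, as an added example that is not part of HP's bulletin: it filters "swlist -a revision -l fileset" output for the B.11.11 filesets listed above and reports whether PHNE_29211 is present. The function and variable names, the sample listings, and the assumed line layout of the swlist output are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of HP's bulletin.
# Assumptions: fileset lines look like "  PRODUCT.FILESET  REVISION", header
# lines start with "#", and an installed patch is listed under its own name
# (for example PHNE_29211.NFS-CLIENT).

# B.11.11 entry copied from the AFFECTED VERSIONS list.
PATCH_11_11="PHNE_29211"
FILESETS_11_11="NFS.KEY-CORE NFS.NFS-CLIENT NFS.NFS-CORE NFS.NFS-PRG NFS.NFS-SERVER NFS.NFS-SHLIBS NFS.NIS-CLIENT NFS.NIS-CORE NFS.NIS-SERVER NFS.NISPLUS-CORE NFS.NFS-KRN"

# check_filesets PATCH "FILESET ..." reads swlist output on stdin and prints
# NOT_AFFECTED, PATCHED or NEEDS_PATCH followed by the affected filesets found.
# Only the exact patch name is matched; a superseding ("or subsequent") patch
# has a different name and must be confirmed by hand.
check_filesets() {
    awk -v patch="$1" -v wanted="$2" '
        BEGIN { n = split(wanted, w, " "); for (i = 1; i <= n; i++) affected[w[i]] = 1 }
        NF == 0 || $1 ~ /^#/ { next }            # skip blank and header lines
        {
            split($1, part, ".")                 # part[1] is the product name
            if (part[1] == patch) patched = 1
            else if (($1 in affected) && !seen[$1]++) found = found " " $1
        }
        END {
            if (found == "") print "NOT_AFFECTED"
            else if (patched) print "PATCHED" found
            else print "NEEDS_PATCH" found
        }'
}

sample_unpatched() {    # constructed listing: affected filesets, no patch
    cat <<'EOF'
# NFS                   B.11.11
  NFS.NFS-CLIENT        B.11.11
  NFS.NFS-SHLIBS        B.11.11
  OS-Core.CORE2-KRN     B.11.11
EOF
}

sample_patched() {      # constructed listing: same system with the patch
    sample_unpatched
    printf '# PHNE_29211            1.0\n  PHNE_29211.NFS-CLIENT 1.0\n'
}

# On a real host: swlist -a revision -l fileset | check_filesets ...
sample_unpatched | check_filesets "$PATCH_11_11" "$FILESETS_11_11"
sample_patched   | check_filesets "$PATCH_11_11" "$FILESETS_11_11"
```

For another release, pass that release's patch name and fileset list from the bulletin in place of the B.11.11 values.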