https://community.hpe.com/t5/operating-system-hp-ux/cde-rpc-cmsd-server-remotely-exploitable-buffer-overflow/m-p/2622604#M39035 Hi Brando,<BR /><BR />Take a look at the thread below,<BR /><BR /><A href="http://us-support2.external.hp.com/cki/bin/doc.pl/sid=c0fadfc41ac4db1cb2/screen=ckiDisplayDocument?docId=400000000250246" target="_blank">http://us-support2.external.hp.com/cki/bin/doc.pl/sid=c0fadfc41ac4db1cb2/screen=ckiDisplayDocument?docId=400000000250246</A><BR /><BR />Hope this helps.<BR /><BR />Regds<BR /> Thu, 29 Nov 2001 23:04:29 GMT Sanjay_6 2001-11-29T23:04:29Z https://community.hpe.com/t5/operating-system-hp-ux/cde-rpc-cmsd-server-remotely-exploitable-buffer-overflow/m-p/2622603#M39034 Got scanned for network security/vulnerability and I was informed that my server had a "CDE rpc.cmsd server remotely exploitable buffer overflow". What does this mean and how do I fix it?<BR /><BR />Thanks. Thu, 29 Nov 2001 22:56:00 GMT https://community.hpe.com/t5/operating-system-hp-ux/cde-rpc-cmsd-server-remotely-exploitable-buffer-overflow/m-p/2622603#M39034 Brando Sumayao 2001-11-29T22:56:00Z https://community.hpe.com/t5/operating-system-hp-ux/cde-rpc-cmsd-server-remotely-exploitable-buffer-overflow/m-p/2622604#M39035 Hi Brando,<BR /><BR />Take a look at the thread below,<BR /><BR /><A href="http://us-support2.external.hp.com/cki/bin/doc.pl/sid=c0fadfc41ac4db1cb2/screen=ckiDisplayDocument?docId=400000000250246" target="_blank">http://us-support2.external.hp.com/cki/bin/doc.pl/sid=c0fadfc41ac4db1cb2/screen=ckiDisplayDocument?docId=400000000250246</A><BR /><BR />Hope this helps.<BR /><BR />Regds<BR /> Thu, 29 Nov 2001 23:04:29 GMT https://community.hpe.com/t5/operating-system-hp-ux/cde-rpc-cmsd-server-remotely-exploitable-buffer-overflow/m-p/2622604#M39035 Sanjay_6 2001-11-29T23:04:29Z https://community.hpe.com/t5/operating-system-hp-ux/cde-rpc-cmsd-server-remotely-exploitable-buffer-overflow/m-p/2622605#M39036 Sanjay,<BR /><BR />I am running V11.11 and the link you referred me to mentions a patch as a fix but only for the ff:<BR /><BR />For HP-UX release 11.00 PHSS_19483.<BR /><BR />Could not find a patch for this vulnerability for V11.11. <BR /><BR />Any thoughts?<BR /> Thu, 29 Nov 2001 23:29:35 GMT https://community.hpe.com/t5/operating-system-hp-ux/cde-rpc-cmsd-server-remotely-exploitable-buffer-overflow/m-p/2622605#M39036 Brando Sumayao 2001-11-29T23:29:35Z https://community.hpe.com/t5/operating-system-hp-ux/cde-rpc-cmsd-server-remotely-exploitable-buffer-overflow/m-p/2622606#M39037 Hi Brando,<BR /><BR />Seems like the patch PHSS_19483 has been supeceded by patch PHSS_25138. On going through the patch equivalency table it seems this problem was fixed in HP-UX 11.11. There is a possibility the problem was fixed in a later release of 11i than the one you are having on your system. Here is a thread on the patch equivalency table,<BR /><BR /><A href="http://us-support.external.hp.com/wpsl/bin/doc.pl/screen=wpslEqTable/sid=a2a5c479027a441344?docid=equiv_data1100" target="_blank">http://us-support.external.hp.com/wpsl/bin/doc.pl/screen=wpslEqTable/sid=a2a5c479027a441344?docid=equiv_data1100</A><BR /><BR />If you are having this problem on 11i, look for CDE patches on 11i and hope those will solve your problems.<BR /><BR />Hope this helps.<BR /><BR />Regds<BR /> Thu, 29 Nov 2001 23:56:35 GMT https://community.hpe.com/t5/operating-system-hp-ux/cde-rpc-cmsd-server-remotely-exploitable-buffer-overflow/m-p/2622606#M39037 Sanjay_6 2001-11-29T23:56:35Z