topic Re: SSRT3483 Potential Security Vulnerability in wall(1M) command in Operating System - HP-UX

SSRT3483 Potential Security Vulnerability in wall(1M) command

Berlene Herren — Wed, 07 May 2003 16:08:10 GMT

=================================================================
A security bulletin has been issued:

-----------------------------------------------------------------
Source: HEWLETT-PACKARD COMPANY
SECURITY BULLETIN: HPSBUX0305-258
Originally issued: 06 May 2003
SSRT3483 Potential Security Vulnerability in wall(1M) command
-----------------------------------------------------------------

To access the bulletin from the itrc:

Select "maintenance and support"
Select "search technical knowledge base"
Select "HP-UX Software Security Bulletins"
Select "Search by Security Bulletin Number"
Enter "HPSBUX0304-257"
Search

The complete list of security bulletins can be found here:

http://itrc.hp.com/cki/bin/doc.pl/screen=ckiSecurityBulletin
=================================================================

Berlene

Re: SSRT3483 Potential Security Vulnerability in wall(1M) command

Paul Sperry — Wed, 07 May 2003 19:29:36 GMT

Thanks for the heads up. I use wall all the time to communicate to my users.
I installed the patch as recommended:

SOLUTION: Apply the appropriate patch for HP-UX releases:
PHCO_28717 for 10.20,
PHCO_28718 for 11.00,
PHCO_28719 for 11.11.

Also I think you meant search for document id: HPSBUX0305-258

I downloaded the new security_catalog and ran security_patch_check just about
a hour ago and this issue didn???t show up. Guess I should register to be notified by e-mail.

BTW it took me about 45 mins to reply. This site really slows down sometimes.

Re: SSRT3483 Potential Security Vulnerability in wall(1M) command

Berlene Herren — Wed, 07 May 2003 19:45:26 GMT

Thank you, Paul. You can subscribe with these steps

To subscribe to automatically receive future NEW HP Security
Bulletins from the HP IT Resource Center via electronic
mail, do the following:

Use your browser to get to the HP IT Resource Center page
at:

http://itrc.hp.com

Use the 'Login' tab at the left side of the screen to login
using your ID and password. Use your existing login or the
"Register" button at the left to create a login, in order to
gain access to many areas of the ITRC. Remember to save the
User ID assigned to you, and your password.

In the left most frame select "Maintenance and Support".

Under the "Notifications" section (near the bottom of
the page), select "Support Information Digests".

To -subscribe- to future HP Security Bulletins or other
Technical Digests, click the check box (in the left column)
for the appropriate digest and then click the "Update
Subscriptions" button at the bottom of the page.

or

To -review- bulletins already released, select the link
(in the middle column) for the appropriate digest.

NOTE: Using your itrc account security bulletins can be
found here:
http://itrc.hp.com/cki/bin/doc.pl/screen=ckiSecurityBulletin

Take a look at thisand add your difficulties to the thread!
http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0x8b075ec05a7ad711abdc0090277a778c,00.html

Berlene

Re: SSRT3483 Potential Security Vulnerability in wall(1M) command

Keith Buck — Fri, 09 May 2003 17:18:08 GMT

Paul,

Because the data in the security catalog is based on the bulletin release, there is a time delay. Security Patch Check should detect these patches tomorrow with an updated catalog. The bulletins are the definitive source of security information from HP, and we don't update the security patch check data until after all customers have received the bulletin.

Also note that it's important to subscribe to the bulletin mailing list anyway, since you might miss any manual actions mentioned in the bulletin. Security Patch Check can't detect manual actions....just patches. Security Patch Check completely automates the process of looking through the hp-ux patch matrix (ftp://ftp.itrc.hp.com/export/patches/hp-ux_patch_matrix) and seeing what is relevant to your HP-UX 11.x system.

Hope that helps.

-Keith