https://community.hpe.com/t5/operating-system-hp-ux/cde-sub-process-control-daemon-dtspcd/m-p/2657355#M756591 Hi all,<BR /><BR />I've received the same tasking as well but I need some clarification:<BR /><BR />1) When checking /etc/services, I see a reference to 'spc' instead of 'dtspc'. Is this the same service? I've also checked /etc/inetd.conf and see entry for 'dtspc' so I know I need to apply the patch for my 10.20 system<BR /><BR />2) I also have systems running HP-UX 9.05. I didn't see this version referenced from HP. Does this vulnerability apply to this OS? I've checked the same files listed above but see no reference to 'dtspc', just 'spc'.<BR /><BR />Appreciate any clarification. Thanks!<BR /><BR />Andre Tue, 19 Feb 2002 14:05:55 GMT Andre Ford 2002-02-19T14:05:55Z https://community.hpe.com/t5/operating-system-hp-ux/cde-sub-process-control-daemon-dtspcd/m-p/2657352#M756588 Our site received a security tasking to eliminate a vulnerability in dtspcd. We are responsible for HP-UX servers running 11.0 and 11i (CDE is installed but not running)and no workstations. Since this daemon appears to be run under CDE on desktops only, I would like to eliminate the vulnerability on our servers by simply doing a chmod 444 /usr/dt/bin/dtspcd. Is this sufficient or does dtspcd run periodically on servers for other purposes? Fri, 01 Feb 2002 20:06:33 GMT https://community.hpe.com/t5/operating-system-hp-ux/cde-sub-process-control-daemon-dtspcd/m-p/2657352#M756588 Steve Hinchman 2002-02-01T20:06:33Z https://community.hpe.com/t5/operating-system-hp-ux/cde-sub-process-control-daemon-dtspcd/m-p/2657353#M756589 Hi Steve,<BR /><BR />I think hp released some patches to handle this security problem with dtspcd.<BR /><BR />The patches are <BR />10.20 PHSS_25786<BR />11.00 PHSS_25787<BR />11.11 PHSS_25788<BR /><BR />Hope this helps.<BR /><BR />Regds<BR /> Fri, 01 Feb 2002 20:19:58 GMT https://community.hpe.com/t5/operating-system-hp-ux/cde-sub-process-control-daemon-dtspcd/m-p/2657353#M756589 Sanjay_6 2002-02-01T20:19:58Z https://community.hpe.com/t5/operating-system-hp-ux/cde-sub-process-control-daemon-dtspcd/m-p/2657354#M756590 Vulnerability discussed here:<BR /><A href="http://www.kb.cert.org/vuls/id/172583" target="_blank">http://www.kb.cert.org/vuls/id/172583</A><BR /><BR />Scroll to section C for Recommended Solution @:<BR /><A href="http://www.kb.cert.org/vuls/id/AAMN-542TFN" target="_blank">http://www.kb.cert.org/vuls/id/AAMN-542TFN</A><BR /><BR />G'd luck<BR />t++<BR /><BR /> Fri, 01 Feb 2002 22:17:44 GMT https://community.hpe.com/t5/operating-system-hp-ux/cde-sub-process-control-daemon-dtspcd/m-p/2657354#M756590 T. M. Louah 2002-02-01T22:17:44Z https://community.hpe.com/t5/operating-system-hp-ux/cde-sub-process-control-daemon-dtspcd/m-p/2657355#M756591 Hi all,<BR /><BR />I've received the same tasking as well but I need some clarification:<BR /><BR />1) When checking /etc/services, I see a reference to 'spc' instead of 'dtspc'. Is this the same service? I've also checked /etc/inetd.conf and see entry for 'dtspc' so I know I need to apply the patch for my 10.20 system<BR /><BR />2) I also have systems running HP-UX 9.05. I didn't see this version referenced from HP. Does this vulnerability apply to this OS? I've checked the same files listed above but see no reference to 'dtspc', just 'spc'.<BR /><BR />Appreciate any clarification. Thanks!<BR /><BR />Andre Tue, 19 Feb 2002 14:05:55 GMT https://community.hpe.com/t5/operating-system-hp-ux/cde-sub-process-control-daemon-dtspcd/m-p/2657355#M756591 Andre Ford 2002-02-19T14:05:55Z https://community.hpe.com/t5/operating-system-hp-ux/cde-sub-process-control-daemon-dtspcd/m-p/2657356#M756592 Hi,<BR /><BR />spc runs on service port 6111 while dtspc runs on service port 6112.<BR /><BR />They are related but not the same service.<BR /><BR />Blocking and restricting traffic access at the firewall filtering rules to these service ports would be an added security measure in addition to patching the servers of the vulnerability.<BR /><BR />Hope this helps. Regards.<BR /><BR />Steven Sim Kok Leong Thu, 21 Feb 2002 03:41:50 GMT https://community.hpe.com/t5/operating-system-hp-ux/cde-sub-process-control-daemon-dtspcd/m-p/2657356#M756592 Steven Sim Kok Leong 2002-02-21T03:41:50Z