topic Re: HP Security Bulletin #0168 in Operating System - HP-UX

HP Security Bulletin #0168

Chet Woods — Tue, 02 Oct 2001 17:35:54 GMT

Hey there,
Does anyone know anything about this bulletin referring to RPC processes?? Your help is much appreciated.

Thanks,
Chet

Re: HP Security Bulletin #0168

Christopher Caldwell — Tue, 02 Oct 2001 21:18:03 GMT

Invariably these are buffer overflow errors, or some other "bug" that allows the compromise of your servers. If you're in an at-risk environment (Internet or equivalent), I'd put the rpc patches high on your list.

Re: HP Security Bulletin #0168

Michael Tully — Wed, 03 Oct 2001 04:27:59 GMT

Hi Chet,

As suggested your system can be compromised
by having 'rpc' ports open. If you don't
require these ports close them off in your
/etc/inetd.conf file. If you need them
make sure you install the patch(es) at an
early convenience and make them a priority
if your system is exposed to high risk or
outside of your firewall.

HTH
-Michael