https://community.hpe.com/t5/operating-system-hp-ux/security-issue/m-p/2590930#M884331 Hi ,<BR />I know about this security issue---<BR />Lately, there is a security vulnerability in 'rlpdaemons' (remote printing<BR />daemons) as follow:<BR /><BR />===================================================<BR />HP-UX is shipped with a line printer daemon adapted from BSD UNIX. <BR />Many commercial and open-source operating systems are adapted from <BR />BSD UNIX. The HP line printer daemon is similar to "in.lpd" in other UNIX<BR />variants. The Line Printer Daemon is used to allow heterogeneous UNIX<BR />environments to share printers over a network. <BR /><BR />A buffer overflow exists in rlpdaemon that may allow remote attackers<BR />to send a specially-crafted print request to crash the service, or execute<BR />arbitrary code with superuser privilege on the target system. The<BR />vulnerability is particularly serious because rlpdaemon is installed<BR />and configured by default and is active even if it is not being used.<BR />No local account or knowledge of the configuration on the target system<BR />is needed to successfully exploit this vulnerability.<BR /><BR />The following versions are known to be vulnerable:<BR /><BR />HP-UX 10.01, 10.10 <BR />HP-UX 11.00, 11.11 <BR /><BR />Solution<BR /><BR />All administrators who have not implemented network printing should<BR />immediately disable rlpdaemon, as well as any other unused services.<BR />The following patches should be immediately applied to address the <BR />vulnerability:<BR /><BR />10.01 PHCO_24697 <BR />10.10 PHCO_24698 <BR />10.20 PHCO_24699 <BR />11.00 PHCO_24700 <BR />11.11 PHCO_24701 <BR /><BR />This may not be reply of your question..still I wanted to share with you.<BR />regards<BR />Animesh<BR /><BR /> Mon, 08 Oct 2001 04:50:57 GMT Animesh Chakraborty 2001-10-08T04:50:57Z https://community.hpe.com/t5/operating-system-hp-ux/security-issue/m-p/2590928#M884329 Currently, we found that omniback having some weakness to let some hacks application to logon into my HP-UX server. We have proved that could someone having this kind of problem before ? If yes, what is the solution. I heard that need some omniback patches. What pathches ? Thanks in advance. Mon, 08 Oct 2001 04:25:06 GMT https://community.hpe.com/t5/operating-system-hp-ux/security-issue/m-p/2590928#M884329 Kenn Chen 2001-10-08T04:25:06Z https://community.hpe.com/t5/operating-system-hp-ux/security-issue/m-p/2590929#M884330 Hi,<BR /><BR />I've not heard of any OmniBack related<BR />security problems before.<BR />Follow this link and sign up to receive<BR />the HP security bulletins. You can also<BR />look up some of the older bulletins that<BR />would have been sent out.<BR /><BR /><A href="http://us-support.external.hp.com/digest/bin/doc.pl/sid=48d96b4d0bb6221da4/screen=digestSubscr" target="_blank">http://us-support.external.hp.com/digest/bin/doc.pl/sid=48d96b4d0bb6221da4/screen=digestSubscr</A><BR /><BR />HTH<BR />-Michael<BR /><BR />PS The OmniBack patch list I gave you before is<BR />the patch list. If there happen to be any <BR />security related patches that's where you<BR />would find them. Mon, 08 Oct 2001 04:46:06 GMT https://community.hpe.com/t5/operating-system-hp-ux/security-issue/m-p/2590929#M884330 Michael Tully 2001-10-08T04:46:06Z https://community.hpe.com/t5/operating-system-hp-ux/security-issue/m-p/2590930#M884331 Hi ,<BR />I know about this security issue---<BR />Lately, there is a security vulnerability in 'rlpdaemons' (remote printing<BR />daemons) as follow:<BR /><BR />===================================================<BR />HP-UX is shipped with a line printer daemon adapted from BSD UNIX. <BR />Many commercial and open-source operating systems are adapted from <BR />BSD UNIX. The HP line printer daemon is similar to "in.lpd" in other UNIX<BR />variants. The Line Printer Daemon is used to allow heterogeneous UNIX<BR />environments to share printers over a network. <BR /><BR />A buffer overflow exists in rlpdaemon that may allow remote attackers<BR />to send a specially-crafted print request to crash the service, or execute<BR />arbitrary code with superuser privilege on the target system. The<BR />vulnerability is particularly serious because rlpdaemon is installed<BR />and configured by default and is active even if it is not being used.<BR />No local account or knowledge of the configuration on the target system<BR />is needed to successfully exploit this vulnerability.<BR /><BR />The following versions are known to be vulnerable:<BR /><BR />HP-UX 10.01, 10.10 <BR />HP-UX 11.00, 11.11 <BR /><BR />Solution<BR /><BR />All administrators who have not implemented network printing should<BR />immediately disable rlpdaemon, as well as any other unused services.<BR />The following patches should be immediately applied to address the <BR />vulnerability:<BR /><BR />10.01 PHCO_24697 <BR />10.10 PHCO_24698 <BR />10.20 PHCO_24699 <BR />11.00 PHCO_24700 <BR />11.11 PHCO_24701 <BR /><BR />This may not be reply of your question..still I wanted to share with you.<BR />regards<BR />Animesh<BR /><BR /> Mon, 08 Oct 2001 04:50:57 GMT https://community.hpe.com/t5/operating-system-hp-ux/security-issue/m-p/2590930#M884331 Animesh Chakraborty 2001-10-08T04:50:57Z https://community.hpe.com/t5/operating-system-hp-ux/security-issue/m-p/2590931#M884332 And this is another reason I'm so frustrated with the patching scheme for HP-UX. I went to the patch database and couldn't find the patches for this problem. Where is it?<BR />Why is so hard to find particular patches? Why do you have to be a darn Rocket Scientist to figure out what patches to load?<BR /> Thu, 15 Nov 2001 15:29:26 GMT https://community.hpe.com/t5/operating-system-hp-ux/security-issue/m-p/2590931#M884332 Dylan Fahey 2001-11-15T15:29:26Z