CDE sub process control daemon (dtspcd)

Steve Hinchman · ‎02-01-2002

Our site received a security tasking to eliminate a vulnerability in dtspcd. We are responsible for HP-UX servers running 11.0 and 11i (CDE is installed but not running)and no workstations. Since this daemon appears to be run under CDE on desktops only, I would like to eliminate the vulnerability on our servers by simply doing a chmod 444 /usr/dt/bin/dtspcd. Is this sufficient or does dtspcd run periodically on servers for other purposes?

Sanjay_6 · ‎02-01-2002

Hi Steve,

I think hp released some patches to handle this security problem with dtspcd.

The patches are
10.20 PHSS_25786
11.00 PHSS_25787
11.11 PHSS_25788

Hope this helps.

Regds

T. M. Louah · ‎02-01-2002

Vulnerability discussed here:
http://www.kb.cert.org/vuls/id/172583

Scroll to section C for Recommended Solution @:
http://www.kb.cert.org/vuls/id/AAMN-542TFN

G'd luck
t++

Little learning is dangerous!

Andre Ford · ‎02-19-2002

Hi all,

I've received the same tasking as well but I need some clarification:

1) When checking /etc/services, I see a reference to 'spc' instead of 'dtspc'. Is this the same service? I've also checked /etc/inetd.conf and see entry for 'dtspc' so I know I need to apply the patch for my 10.20 system

2) I also have systems running HP-UX 9.05. I didn't see this version referenced from HP. Does this vulnerability apply to this OS? I've checked the same files listed above but see no reference to 'dtspc', just 'spc'.

Appreciate any clarification. Thanks!

Andre

Steven Sim Kok Leong · ‎02-20-2002

Hi,

spc runs on service port 6111 while dtspc runs on service port 6112.

They are related but not the same service.

Blocking and restricting traffic access at the firewall filtering rules to these service ports would be an added security measure in addition to patching the servers of the vulnerability.

Hope this helps. Regards.

Steven Sim Kok Leong

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

CDE sub process control daemon (dtspcd)

CDE sub process control daemon (dtspcd)

Re: CDE sub process control daemon (dtspcd)

Re: CDE sub process control daemon (dtspcd)

Re: CDE sub process control daemon (dtspcd)

Re: CDE sub process control daemon (dtspcd)