HPE Community
Operating System - HP-UX
1833704 Members
2472 Online
110062 Solutions
New Discussion

Security issue

 
Kenn Chen
Advisor

‎10-07-2001 09:25 PM

‎10-07-2001 09:25 PM

Security issue

Currently, we found that omniback having some weakness to let some hacks application to logon into my HP-UX server. We have proved that could someone having this kind of problem before ? If yes, what is the solution. I heard that need some omniback patches. What pathches ? Thanks in advance.
Cyber Zen
0 Kudos
Reply
3 REPLIES 3
Michael Tully
Honored Contributor

‎10-07-2001 09:46 PM

‎10-07-2001 09:46 PM

Re: Security issue

Hi,

I've not heard of any OmniBack related
security problems before.
Follow this link and sign up to receive
the HP security bulletins. You can also
look up some of the older bulletins that
would have been sent out.

http://us-support.external.hp.com/digest/bin/doc.pl/sid=48d96b4d0bb6221da4/screen=digestSubscr

HTH
-Michael

PS The OmniBack patch list I gave you before is
the patch list. If there happen to be any
security related patches that's where you
would find them.
Anyone for a Mutiny ?
0 Kudos
Reply
Animesh Chakraborty
Honored Contributor

‎10-07-2001 09:50 PM

‎10-07-2001 09:50 PM

Re: Security issue

Hi ,
I know about this security issue---
Lately, there is a security vulnerability in 'rlpdaemons' (remote printing
daemons) as follow:

===================================================
HP-UX is shipped with a line printer daemon adapted from BSD UNIX.
Many commercial and open-source operating systems are adapted from
BSD UNIX. The HP line printer daemon is similar to "in.lpd" in other UNIX
variants. The Line Printer Daemon is used to allow heterogeneous UNIX
environments to share printers over a network.

A buffer overflow exists in rlpdaemon that may allow remote attackers
to send a specially-crafted print request to crash the service, or execute
arbitrary code with superuser privilege on the target system. The
vulnerability is particularly serious because rlpdaemon is installed
and configured by default and is active even if it is not being used.
No local account or knowledge of the configuration on the target system
is needed to successfully exploit this vulnerability.

The following versions are known to be vulnerable:

HP-UX 10.01, 10.10
HP-UX 11.00, 11.11

Solution

All administrators who have not implemented network printing should
immediately disable rlpdaemon, as well as any other unused services.
The following patches should be immediately applied to address the
vulnerability:

10.01 PHCO_24697
10.10 PHCO_24698
10.20 PHCO_24699
11.00 PHCO_24700
11.11 PHCO_24701

This may not be reply of your question..still I wanted to share with you.
regards
Animesh

Did you take a backup?
0 Kudos
Reply
Dylan Fahey
Frequent Advisor

‎11-15-2001 07:29 AM

‎11-15-2001 07:29 AM

Re: Security issue

And this is another reason I'm so frustrated with the patching scheme for HP-UX. I went to the patch database and couldn't find the patches for this problem. Where is it?
Why is so hard to find particular patches? Why do you have to be a darn Rocket Scientist to figure out what patches to load?
I'd rather do it with the Penguin!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.