HPE Community
Operating System - HP-UX
1827857 Members
1717 Online
109969 Solutions
New Discussion

security issues

 
SOLVED
Go to solution
Omar Alvi_1
Super Advisor

‎03-05-2004 10:53 PM

‎03-05-2004 10:53 PM

security issues

Hi,

Is there a security patch bundle released by HP? I actually wanted to address the following issues raised by a customer.

-NFS Exported Directories Mountable by unathorized users .

-statd service may be vulnerable to a format string attack .

-rpc. mountd daemon might be vulnerable to an off-by one overflow .

-Sendmail Header Processing Buffer Overflow Vulnerability .

-Sendmail Addredd Prescan Possible Memory Corruption Vulnerability .

-Sendmail Prescan() Remote Buffer Overrun Vulnerability .

-Multiple Vendor SNMP Request And Trap Handling Vulnerabilities.

Thanks and Regards,

Omar Alvi


0 Kudos
Reply
4 REPLIES 4
Patrick Wallek
Honored Contributor

‎03-06-2004 04:03 AM

‎03-06-2004 04:03 AM

Solution

Re: security issues

No there is no security patch bundle per se.

The easiest way to address security patches is with the security_patch_check tool. Download and install this tool.

http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA

(Note that this requires Perl which can be obtained here: )
http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=PERL

Then run it:

# /opt/sec_mgmt/spc/bin/security_patch_check -r

It will give you a list of security patches required to get your system up to date.

With that list you can then go to the ITRC Patch database

http://www1.itrc.hp.com/service/patch/mainPage.do

Search for each patch, add it to your list and then download the whole bundle. This will also resolve any patch dependencies as well.
Reply
Steven E. Protter
Exalted Contributor

‎03-06-2004 12:00 PM

‎03-06-2004 12:00 PM

Re: security issues

Looking for the magic security patch bundle.

Stop looking.

Security is based on the dilligence and time of the systems administrator. You have to stay on top of patches, keep your eyes on the net for new threats.

There are other tools that help though.

Security Patch Check
http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=B6834AA

TCP Wrappers

http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=TCPWRAP

IDS/9000 (Intrusion Detection Sytstem)

http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=J5083AA

Get all these products working you'll be quite secure.

Secure shell
http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=T1471AA

ipfilter
http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B9901AA

Also, dump any logins or transfers based on the insecure Berkley protocols. rsh.remesh.rcp.

Permissions are key. Especially when exposed to the public Internet.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
Berlene Herren
Honored Contributor

‎03-06-2004 11:13 PM

‎03-06-2004 11:13 PM

Re: security issues

Omar, HP can perform a security analysis/audit for you, and give solid recommendations to secure your servers. Ping me if you want more info....

berlene.herren@hp.com
http://www.mindspring.com/~bkherren/dobes/index.htm
Reply
Robert Fritz
Regular Advisor

‎03-07-2004 10:06 AM

‎03-07-2004 10:06 AM

Re: security issues

I might also suggest the Bastille lockdown tool. It will help turn off services that you don't need, and help configure a firewall.

http://www.software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6849AA
Those Who Would Sacrifice Liberty for Security Deserve Neither." - Benjamin Franklin
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.