Re: Single Logical Screen daemon

Bing Wong · ‎02-22-2007

I got this from AT&T...
A vulnerability has been reported in HP-UX, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a design error in the Single Logical Screen daemon (SLSd) and can be exploited to create or overwrite arbitrary files with superuser privileges via a specially crafted packet sent to the daemon. Successful exploitation allows execution of arbitrary code by e.g. overwriting .rhosts, cron scripts, or other files used for authentication. The vulnerability is reported in versions 11.11i and 10.20. Other versions may also be affected.

HP told me to apply these patches:
CDE Base patch: PHSS_354249
CDE Application patch: PHSS_35343

Since I am not a full time system admin, can anyone tell me how to check if my HP-UX has CDE running? Thank you very much.

Manohar Manne_1 · ‎02-23-2007

check dttlogin or dtterm process

Bing Wong · ‎02-23-2007

I have it running. Thanks.

root@hrisdev1:/root # ps -ef|grep dtl
root 2672 2650 1 10:24:53 pts/td 0:00 grep dtl
root 3465 3409 0 Feb 18 ? 0:00 /usr/dt/bin/dtlogin

Bing Wong · ‎02-23-2007

Thank you Manohar

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: Single Logical Screen daemon

Single Logical Screen daemon