Operating System - HP-UX

SSRT3608 Potential security vulnerability in DCE

 
Berlene Herren
Honored Contributor

SSRT3608 Potential security vulnerability in DCE

A security bulletin has been issued:

-----------------------------------------------------------------
Source: HEWLETT-PACKARD COMPANY
SECURITY BULLETIN: HPSBUX0308-273
Originally issued: 13 August 2003
SSRT3608 Potential security vulnerability in DCE


-----------------------------------------------------------------

To access the bulletin from the itrc:

Select "maintenance and support"
Select "search technical knowledge base"
Select "HP-UX Software Security Bulletins"
Select "Search by Security Bulletin Number"
Enter "HPSBUX0308-273"
Search

The complete list of security bulletins can be found here:

http://itrc.hp.com/cki/bin/doc.pl/screen=ckiSecurityBulletin
=================================================================

A. Background

This problem has been reported by CERT/cc:

<>

CERT/cc reports that the vulnerability can be
triggered by attempts to exploit Microsoft RPC
vulnerabilities:

<>
<>




Berlene
http://www.mindspring.com/~bkherren/dobes/index.htm
3 REPLIES 3
Geoff Belet
New Member

Re: SSRT3608 Potential security vulnerability in DCE

I have inherited an HP-UX 11.00 system with these DCE pieces installed:

HPUXEng32RT.DCE-Core

B6192AA B.11.00.10 DCE/9000 Programming & Administration Tools Media and Manuals

B6733AA B.11.00.10 DCE/9000 Kernel Threads Support

(No prior DCE patches installed)

Security Bulletin -273 refers to 11.00 patch PHSS_27962 DCE/9000 1.7 Runtime which would appear to be for HPUXEng32RT.DCE-Core filesets.
I cannot find any patch reference to the filesets contained in B6192AA and B6733AA other than PHSS_27964 which is DCE/9000 1.7 Server/DevTools patch. My concern is libraries are in use that were originally installed with HPUXEng32RT.DCE-Core and B6733AA. I do not want to install PHSS_27962 if the libraries it replaces will cause out of sync problems with DCE. Any thoughts on how to proceed would be appreciated.

Geoff
If butter didn't have feathers, where would the sardines sleep ?
Berlene Herren
Honored Contributor

Re: SSRT3608 Potential security vulnerability in DCE

Geoff, I am checking with the security team.
Berlene
http://www.mindspring.com/~bkherren/dobes/index.htm
Berlene Herren
Honored Contributor

Re: SSRT3608 Potential security vulnerability in DCE


PHSS_27964 does not contain any shared libraries. The only way installing PHSS_27962 without PHSS_27964 could result in an inconsistent set is if some DCE program were linked with archived libraries. This seems unlikely, but the DCE support people should get involved if it is believed DCE archived libraries are in use.

Berlene
http://www.mindspring.com/~bkherren/dobes/index.htm