Bugtraq mailing list archives
HPUX Security Bulletin HPSBUX0103-146 - How Bad ?
From: "Boyce, Nick" <nick.boyce () EDS COM>
Date: Mon, 19 Mar 2001 13:43:01 -0000
Usual question - anyone know how bad this one is ? The words "buffer overflow" scare me :-) ===================< cut >=================== [...] Digest Name: daily security bulletins digest Created: Mon Mar 19 3:00:03 PST 2001 Document ID Title --------------- ----------- HPSBUX0103-146 Sec. Vulnerability in crontab(1) The documents are listed below. ---------------------------------------------------------------------------- --- Document ID: HPSBUX0103-146 Date Loaded: 20010318 Title: Sec. Vulnerability in crontab(1) ---------------------------------------------------------------------- HEWLETT-PACKARD COMPANY SECURITY BULLETIN: #0146, 19 Mar. '01 ---------------------------------------------------------------------- The information in the following Security Bulletin should be acted upon as soon as possible. Hewlett-Packard Company will not be liable for any consequences to any customer resulting from customer's failure to fully implement instructions in this Security Bulletin as soon as possible. ---------------------------------------------------------------------- ISSUE: crontab(1) contains a buffer overflow. PLATFORM: HP9000 Series 700 and 800 running HP-UX releases 11.00, 11.04, 10.20, 10.24, 10.10, and 10.01. POSSIBLE RESULT: Users could compromise system availability. SOLUTION: Apply patches for HP-UX releases as follows: for 11.00: PHCO_22767, 11.04: PHCO_23429, 10.20: PHCO_22768, 10.24: PHCO_23455, 10.10: PHCO_22769, 10.01: PHCO_22770. [snip] ===================< cut >=================== (I'll forward the whole thing if people want to see it)
Nick Boyce EDS Healthcare, Bristol, UK
Current thread:
- HPUX Security Bulletin HPSBUX0103-146 - How Bad ? Boyce, Nick (Mar 19)
- Re: HPUX Security Bulletin HPSBUX0103-146 - How Bad ? Joe Carnahan (Mar 20)