Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: HP/UX :: vvault2.htm

HP-UX VirtualVault syslogd can be used to forward syslog messages resulting in console spoofing



Vulnerability

    syslogd

Affected

    HP9000 Series 700/800s running:
      HP-UX 10.09.01 with VirtualVault A.01.00,
      HP-UX 10.16 with VirtualVault A.01.01,
      HP-UX 10.24 (VVOS) with VirtualVault A.02.00

Description

    The syslogd program can be used by a process to forward syslog
    messages that can result in a denial of service or a spoofing
    problem on the system console.

Solution

    Hewlett-Packard recommends that  the following patches  be applied
    as appropriate:

      HP-UX 10.09.01 with VirtualVault A.01.00:
            PHCO_10387 and PHSS_10786
      HP-UX 10.16 with VirtualVault A.01.01:
            PHCO_10387 and PHSS_10786
      HP-UX 10.24 (VVOS) with VirtualVault A.02.00:
            PHNE_11096 (Series 700) and PHSS_10613
            PHNE_11097 (Series 800) and PHSS_10613

    NOTE: These   problems  only   apply  to   systems  running    the
          VirtualVault Transaction Server.


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH