[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UNIRAS Brief - 978/05 - Hewlett Packard Security Bulletin - SSRT051074 - HP-UX Running xterm Local



-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------------------
   UNIRAS (UK Govt CERT) Briefing Notice - 978/05 dated 24.11.05  Time: 14:30  
  UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
- ---------------------------------------------------------------------------------- 
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk
- ----------------------------------------------------------------------------------

Title
=====

Hewlett Packard Security Bulletin - SSRT051074 - HP-UX Running xterm Local 
Unauthorized Access 

Detail
====== 

A potential security vulnerability has been identified with HP-UX 
running xterm.  The vulnerability could be exploited by a local 
user to gain unauthorized access. 


- -----BEGIN PGP SIGNED MESSAGE----- 
Hash: SHA1 

SUPPORT COMMUNICATION - SECURITY BULLETIN 

Document ID: c00555516 
Version: 2 

HPSBUX02075 SSRT051074 Revised - HP-UX Running xterm Local 
                                 Unauthorized Access 

NOTICE: The information in this Security Bulletin should be acted 
upon as soon as possible. 

Release Date: 2005-11-11 
Last Updated: 2005-11-22 

Potential Security Impact: Local unauthorized access 

Source: Hewlett-Packard Company, 
        HP Software Security Response Team 

VULNERABILITY SUMMARY 

A potential security vulnerability has been identified with HP-UX 
running xterm.  The vulnerability could be exploited by a local 
user to gain unauthorized access. 

References: none 

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. 
HP-UX B.11.00, B.11.11, B.11.23. 

BACKGROUND 

To determine if an HP-UX system has an affected version, 
search the output of "swlist -a revision -l fileset" 
for one of the filesets listed below. For affected systems 
verify that the recommended action has been taken. 

AFFECTED VERSIONS 

HP-UX B.11.00 
============= 
X11.X11-RUN-CL 
action: remove PHSS_32109 if installed 

HP-UX B.11.11 
============= 
X11.X11-RUN-CL 
action: remove PHSS_30791 if installed 

HP-UX B.11.11 
============= 
X11.X11-RUN-CL 
action: remove PHSS_33589 if installed 

HP-UX B.11.23 
============= 
X11.X11-RUN-CL 
action: remove PHSS_31833 if installed 

HP-UX B.11.23 
============= 
X11.X11-RUN-CL 
action: remove PHSS_32366 if installed 

END AFFECTED VERSIONS 

RESOLUTION 

Until patches are provided to resolve the issue avoid using the 
potentially vulnerable versions of /usr/bin/X11/xterm. 

One solution is to remove the patches listed in the Background 
section (above).  The patches listed are the only patches 
containing the potentially vulnerable xterm. 

An alternative to removing the patches is to use 
/usr/contrib/bin/X11R5/xterm. 

For example: 

cp /usr/bin/X11/xterm /usr/bin/X11/xterm.nosuid 
chmod 555 /usr/bin/X11/xterm.nosuid 
cp /usr/contrib/bin/X11R5/xterm /usr/bin/X11/xterm 


 ->Preliminary xterm Binary Files 

 ->Preliminary xterm binary files are available to resolve the 
 ->issue.  These binary files are X11R6 replacements for the 
 ->potentially vulnerable versions of xterm, and they contain the 
 ->same defect fixes. 

 ->Customers who do not require the latest xterm may prefer to 
 ->remove the patches listed above instead. Manual action is 
 ->required to install the preliminary binary xterm files. 

 ->To install the preliminary xterm download README.txt and the 
 ->appropriate xterm file via ftp from hprc.external.hp.com 
 ->(192.170.19.100). 
 ->The ftp account is 'xterm', and the password is 'xterm'. 

 ->Brower ftp access: 
 ->ftp://xterm:xterm@xxxxxxxxxxxxxxxxxxxx/ 
 ->ftp://xterm:xterm@xxxxxxxxxxxxxx/ 

 ->README.txt contains instructions for installing the 
 ->preliminary files. 
 ->cksum: 
 ->766557324 1630 README.txt 
 ->md5 sum: 
 ->960cc500dcf9d4c2c72464822bc79c18 README.txt 

MANUAL ACTIONS: Yes - NonUpdate 
Remove the patches listed in the Background section, 
use /usr/contrib/bin/X11R5/xterm, 
- - ->or install the preliminary xterm files. 


PRODUCT SPECIFIC INFORMATION 

HP-UX Security Patch Check: Security Patch Check revision B.02.00 
analyzes all HP-issued Security Bulletins to provide a subset of 
recommended actions that potentially affect a specific HP-UX 
system. For more information: 
http://software.hp.com/portal/swdepot/displayProductInfo.do? 
productNumber=B6834AA 


UPDATE HISTORY 
Initial release: 13 November 2005 
Update 1: 22 November 2005 Preliminary xterm files are available. 


Support: For further information, contact normal HP Services 
support channel. 

Report: To report a potential security vulnerability with any HP 
supported product, send Email to: security-alert@xxxxxxx  It is 
strongly recommended that security related information being 
communicated to HP be encrypted using PGP, especially exploit 
information.  To get the security-alert PGP key, please send an 
e-mail message as follows: 
  To: security-alert@xxxxxx 
  Subject: get key 

Subscribe: To initiate a subscription to receive future HP 
Security Bulletins via Email: 
http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&; 
langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC 

On the web page: ITRC security bulletins and patch sign-up 
Under Step1: your ITRC security bulletins and patches 
  - check ALL categories for which alerts are required and 
    continue. 
Under Step2: your ITRC operating systems 
  - verify your operating system selections are checked and 
    save. 

To update an existing subscription: 
http://h30046.www3.hp.com/subSignIn.php 
Log in on the web page: 
  Subscriber's choice for Business: sign-in. 
On the web page: 
  Subscriber's Choice: your profile summary 
    - use Edit Profile to update appropriate sections. 

To review previously published Security Bulletins visit: 
http://www.itrc.hp.com/service/cki/secBullArchive.do 

* The Software Product Category that this Security Bulletin 
relates to is represented by the 5th and 6th characters of the 
Bulletin number in the title: 

    GN = HP General SW, 
    MA = HP Management Agents, 
    MI = Misc. 3rd party SW, 
    MP = HP MPE/iX, 
    NS = HP NonStop Servers, 
    OV = HP OpenVMS, 
    PI = HP Printing & Imaging, 
    ST = HP Storage SW, 
    TL = HP Trusted Linux, 
    TU = HP Tru64 UNIX, 
    UX = HP-UX, 
    VV = HP Virtual Vault 


System management and security procedures must be reviewed 
frequently to maintain system integrity. HP is continually 
reviewing and enhancing the security features of software products 
to provide customers with current secure solutions. 

"HP is broadly distributing this Security Bulletin in order to 
bring to the attention of users of the affected HP products the 
important security information contained in this Bulletin. HP 
recommends that all users determine the applicability of this 
information to their individual situations and take appropriate 
action. HP does not warrant that this information is necessarily 
accurate or complete for all user situations and, consequently, HP 
will not be responsible for any damages resulting from user's use 
or disregard of the information provided in this Bulletin. To the 
extent permitted by law, HP disclaims all warranties, either 
express or implied, including the warranties of merchantability 
and fitness for a particular purpose, title and non-infringement." 


(c)Copyright 2005 Hewlett-Packard Development Company, L.P. 
Hewlett-Packard Company shall not be liable for technical or 
editorial errors or omissions contained herein. The information 
provided is provided "as is" without warranty of any kind. To the 
extent permitted by law, neither HP nor its affiliates, 
subcontractors or suppliers will be liable for incidental, special 
or consequential damages including downtime cost; lost profits; 
damages relating to the procurement of substitute products or 
services; or damages for loss of data, or software restoration. 
The information in this document is subject to change without 
notice. Hewlett-Packard Company and the names of Hewlett-Packard 
products referenced herein are trademarks of Hewlett-Packard 
Company in the United States and other countries. Other product 
and company names mentioned herein may be trademarks of their 
respective owners. 

- -----BEGIN PGP SIGNATURE----- 
Version: PGP 8.1 

iQA/AwUBQ4RaeuAfOvwtKn1ZEQKOcQCcDTrVk9JcWQXGPnSzCYmxT0bnZPgAoOGk 
C+ko+u9nzOVvUg1wVSSNw6xP 
=fj0w 
- -----END PGP SIGNATURE----- 



- ----------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by 
telephone or Not Protectively Marked information may be sent via 
EMail to: uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 870 487 0748 Ext 4511
Fax: +44 (0) 870 487 0749

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 870 487 0748 and follow the prompts

- ----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Hewlett Packard for the information 
contained in this Briefing. 
- ----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the canonical site 
to ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade 
name, trademark manufacturer, or otherwise, does not constitute or imply 
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views 
and opinions of authors expressed within this notice shall not be used for 
advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors 
or omissions contained within this briefing notice. In particular, they shall 
not be liable for any loss or damage whatsoever, arising from or in connection 
with the usage of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
- ----------------------------------------------------------------------------------
<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQCVAwUBQ4XJjopao72zK539AQGAzAP/QcslVemCvtExmrQ1ucyPx7GEXC3Ddz1y
EeKw3lv6cmZX00q0LJB4560s+PBFN5TcRP+f336swxBzormoFLG2LeVYTnf0xX/g
1BTeDE+OC7YNA6mZNDRZ1dBXKf6kKQJJRwtoieXwr97Rf2MhjJYKiPvfHLmro7sK
pZYMm060VBY=
=bGnq
-----END PGP SIGNATURE-----


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________