
UNIRAS Brief - 441/06 - Two Hewlett Packard Security Bulletins:



-----BEGIN PGP SIGNED MESSAGE-----

______________________________________________________________________________

 UNIRAS (UK Government CERT) Briefing - 441/06 dated 30.06.06 time 12:00
 UNIRAS is part of NISCC (the UK National Infrastructure Security
 Co-ordination Centre)
______________________________________________________________________________

 UNIRAS material is also available from its website at www.uniras.gov.uk
 Information about NISCC is available from www.niscc.gov.uk
______________________________________________________________________________

Title
=====

Two Hewlett Packard Security Bulletins:

1. HPSBTU02125 SSRT061105 rev.1 - HP Tru64 UNIX Running Perl 5.8.2 and earlier, 
Local Unauthorized Code Execution

2. HPSBUX02122 SSRT061158 rev.2 - HP-UX Mozilla Remote Execution of Arbitrary Code, 
Denial of Service (DoS)

Detail
======

1. Potential security vulnerabilities have been identified in Perl 5.8.2 and earlier running on 
HP Tru64 UNIX. These vulnerabilities could be exploited by a local user to execute
unauthorized code.

2. Potential security vulnerabilities have been identified with Mozilla running on HP-UX. 
These vulnerabilities could be exploited remotely to allow execution of arbitrary code 
or Denial of Service (DoS).




1.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
SUPPORT COMMUNICATION - SECURITY BULLETIN
 
Document ID: c00686865
Version: 1
 
HPSBTU02125 SSRT061105 rev.1 - HP Tru64 UNIX Running Perl 5.8.2 and earlier, 
Local Unauthorized Code Execution
 
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
 
Release Date: 2006-06-28
Last Updated: 2006-06-28
 
Potential Security Impact: Local unauthorized code execution
 
Source: Hewlett-Packard Company, HP Software Security Response Team
 
VULNERABILITY SUMMARY
 
Potential security vulnerabilities have been identified in Perl 5.8.2 and earlier running on 
HP Tru64 UNIX. These vulnerabilities could be exploited by a local user to execute
unauthorized code.
 
References: CVE-2005-3962
 
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
 
Perl 5.8.2 and earlier provided with:
 
    * HP Tru64 UNIX 5.1B-3
    * HP Tru64 UNIX 5.1B-2/PK4
    * HP Tru64 UNIX 5.1A PK6
    * HP Internet Express 6.3 for HP Tru64 UNIX
    * HP Internet Express 6.4 for HP Tru64 UNIX
    * HP Tru64 UNIX Associated Products CD (APCD) for HP Tru64 UNIX v 5.1B-3 (BL25) and earlier
 
BACKGROUND
 
RESOLUTION
 
HP has released a setld-based patch kit PERL_V51BB26-ES-20060612 with Perl 5.8.7 
publicly for use by any customer.
 
The patch kit can be installed on any Tru64 UNIX system running Perl from any of the impacted 
software versions noted in the SUPPORTED SOFTWARE VERSIONS section of this bulletin.
 
The patched Perl 5.8.7 is also available on HP Internet Express v 6.5.
 
HP Tru64 UNIX v 5.1B-3 Perl Patch Kit
Location: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=PERL_V51BB26-ES-20060612
Name: PERL_V51BB26-ES-20060612
MD5 Checksum: 49bb5de02b3236a0991698ec5f3ca648
 
HP Internet Express v 6.5 (Internet products and solutions for Tru64 UNIX Website)
Location: http://h30097.www3.hp.com/internet/prod_sol.htm
 
PRODUCT SPECIFIC INFORMATION
 
HISTORY
Version: 1 (rev.1) 28 June 2006 Initial release
 
Support: For further information, contact normal HP Services
support channel.
 
Report: To report a potential security vulnerability with any HP
supported product, send Email to: security-alert@xxxxxxx  It is
strongly recommended that security related information being
communicated to HP be encrypted using PGP, especially exploit
information.  To get the security-alert PGP key, please send an
e-mail message as follows:
  To: security-alert@xxxxxx
  Subject: get key
 
Subscribe: To initiate a subscription to receive future HP
Security Bulletins via Email:
http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC
 
On the web page: ITRC security bulletins and patch sign-up
Under Step1: your ITRC security bulletins and patches
  - check ALL categories for which alerts are required and
    continue.
Under Step2: your ITRC operating systems
  - verify your operating system selections are checked and
    save.
 
To update an existing subscription:
http://h30046.www3.hp.com/subSignIn.php
Log in on the web page:
  Subscriber's choice for Business: sign-in.
On the web page:
  Subscriber's Choice: your profile summary
    - use Edit Profile to update appropriate sections.
 
To review previously published Security Bulletins visit:
http://www.itrc.hp.com/service/cki/secBullArchive.do
 
* The Software Product Category that this Security Bulletin
relates to is represented by the 5th and 6th characters of the
Bulletin number in the title:
 
    GN = HP General SW,
    MA = HP Management Agents,
    MI = Misc. 3rd party SW,
    MP = HP MPE/iX,
    NS = HP NonStop Servers,
    OV = HP OpenVMS,
    PI = HP Printing & Imaging,
    ST = HP Storage SW,
    TL = HP Trusted Linux,
    TU = HP Tru64 UNIX,
    UX = HP-UX,
    VV = HP Virtual Vault
 

System management and security procedures must be reviewed
frequently to maintain system integrity. HP is continually
reviewing and enhancing the security features of software products
to provide customers with current secure solutions.
 
"HP is broadly distributing this Security Bulletin in order to
bring to the attention of users of the affected HP products the
important security information contained in this Bulletin. HP
recommends that all users determine the applicability of this
information to their individual situations and take appropriate
action. HP does not warrant that this information is necessarily
accurate or complete for all user situations and, consequently, HP
will not be responsible for any damages resulting from user's use
or disregard of the information provided in this Bulletin. To the
extent permitted by law, HP disclaims all warranties, either
express or implied, including the warranties of merchantability
and fitness for a particular purpose, title and non-infringement."
 

(c)Copyright 2006 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or
editorial errors or omissions contained herein. The information
provided is provided "as is" without warranty of any kind. To the
extent permitted by law, neither HP nor its affiliates,
subcontractors or suppliers will be liable for incidental, special
or consequential damages including downtime cost; lost profits;
damages relating to the procurement of substitute products or
services; or damages for loss of data, or software restoration.
The information in this document is subject to change without
notice. Hewlett-Packard Company and the names of Hewlett-Packard
products referenced herein are trademarks of Hewlett-Packard
Company in the United States and other countries. Other product
and company names mentioned herein may be trademarks of their
respective owners.
- -----BEGIN PGP SIGNATURE-----
Version: PGP 8.1
 
iQA/AwUBRKOoS+AfOvwtKn1ZEQLgaQCdHaIhXQSH77DWrWHmmd1qwBmlkgcAoPoD
gxkTgvKBXn7wXrvg9tY8PcqF
=FnzZ
- -----END PGP SIGNATURE-----



2.



- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
SUPPORT COMMUNICATION - SECURITY BULLETIN
 
Document ID: c00679472
Version: 2
 
HPSBUX02122 SSRT061158 rev.2 - HP-UX Mozilla Remote Execution of Arbitrary Code, 
Denial of Service (DoS)
 
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
 
Release Date: 2006-05-30
Last Updated: 2006-06-28
 
Potential Security Impact: Remote execution of arbitrary code, Denial of Service (DoS)
 
Source: Hewlett-Packard Company, HP Software Security Response Team
 
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with Mozilla running on HP-UX. 
These vulnerabilities could be exploited remotely to allow execution of arbitrary code 
or Denial of Service (DoS).
 
References: Mozilla Foundation Security Advisory (MFSA) 2006-27, MFSA 2006-25, 
MFSA 2006-24, MFSA 2006-22, MFSA 2006-21, MFSA 2006-19, MFSA 2006-18, 
MFSA 2006-17, MFSA 2006-16, MFSA 2006-15, MFSA 2006-14, MFSA 2006-13, 
MFSA 2006-12, MFSA 2006-11, MFSA 2006-10, MFSA 2006-09, MFSA 2006-05, 
MFSA 2006-03, MFSA 2006-01
 
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
Mozilla versions prior to 1.7.13 running on HP-UX B.11.00, B.11.11, and B.11.23.
 
BACKGROUND
 
The following potential security vulnerabilities have been addressed in Mozilla 1.7.13:
 
MFSA 2006-27 Table Rebuilding Code Execution Vulnerability
MFSA 2006-25 Privilege escalation through Print Preview
MFSA 2006-24 Privilege escalation using crypto.generateCRMFRequest
MFSA 2006-23 File stealing by changing input type
MFSA 2006-22 CSS Letter-Spacing Heap Overflow Vulnerability
MFSA 2006-21 JavaScript execution in mail when forwarding in-line
MFSA 2006-19 Cross-site scripting using .valueOf.call()
MFSA 2006-18 Mozilla Firefox Tag Order Vulnerability
MFSA 2006-17 cross-site scripting through window.controllers
MFSA 2006-16 Accessing XBL compilation scope via valueOf.call()
MFSA 2006-15 Privilege escalation using a JavaScript function's cloned parent
MFSA 2006-14 Privilege escalation via XBL.method.eval
MFSA 2006-13 Downloading executables with "Save Image As..."
MFSA 2006-12 Secure-site spoof (requires security warning dialog)
MFSA 2006-11 Crashes with evidence of memory corruption (rv:1.8)
MFSA 2006-10 JavaScript garbage-collection hazard audit
MFSA 2006-09 Cross-site JavaScript injection using event handlers
MFSA 2006-05 Localstore.rdf XML injection through XULDocument.persist()
MFSA 2006-03 Long document title causes startup denial of Service
MFSA 2006-01 JavaScript garbage-collection hazards
 
For further information please refer to:
http://www.mozilla.org/projects/security/known-vulnerabilities.html
 
AFFECTED VERSIONS
 
HP-UX B.11.00
HP-UX B.11.11
HP-UX B.11.23
=============
Mozilla.MOZ-COM
 ->action: install Mozilla 1.7.13
 
END AFFECTED VERSIONS
RESOLUTION
 
 -> HP has made Mozilla version 1.7.13 available to resolve the potential vulnerabilities.
 ->It can be downloaded from http://www.hp.com/go/mozilla .
 
NOTE: ->Customers who installed the preliminary version of 1.7.13 from Mozilla.org should 
install Mozilla 1.7.13 as described above. The preliminary version was discussed in rev.1 of 
this Security Bulletin.
 
MANUAL ACTION: Yes - Update
 ->Update to Mozilla 1.7.13
 
PRODUCT SPECIFIC INFORMATION
 
HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all 
HP-issued Security Bulletins to provide a subset of recommended actions that potentially 
affect a specific HP-UX system. For more information:
http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
 
HISTORY
Version: 1 (rev.1) - 30 May 2006 Initial release
Version: 2 (rev.2) - 28 June 2006 Mozilla 1.7.13 available
 
Support: For further information, contact normal HP Services
support channel.
 
Report: To report a potential security vulnerability with any HP
supported product, send Email to: security-alert@xxxxxxx  It is
strongly recommended that security related information being
communicated to HP be encrypted using PGP, especially exploit
information.  To get the security-alert PGP key, please send an
e-mail message as follows:
  To: security-alert@xxxxxx
  Subject: get key
 
Subscribe: To initiate a subscription to receive future HP
Security Bulletins via Email:
http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC
 
On the web page: ITRC security bulletins and patch sign-up
Under Step1: your ITRC security bulletins and patches
  - check ALL categories for which alerts are required and
    continue.
Under Step2: your ITRC operating systems
  - verify your operating system selections are checked and
    save.
 
To update an existing subscription:
http://h30046.www3.hp.com/subSignIn.php
Log in on the web page:
  Subscriber's choice for Business: sign-in.
On the web page:
  Subscriber's Choice: your profile summary
    - use Edit Profile to update appropriate sections.
 
To review previously published Security Bulletins visit:
http://www.itrc.hp.com/service/cki/secBullArchive.do
 
* The Software Product Category that this Security Bulletin
relates to is represented by the 5th and 6th characters of the
Bulletin number in the title:
 
    GN = HP General SW,
    MA = HP Management Agents,
    MI = Misc. 3rd party SW,
    MP = HP MPE/iX,
    NS = HP NonStop Servers,
    OV = HP OpenVMS,
    PI = HP Printing & Imaging,
    ST = HP Storage SW,
    TL = HP Trusted Linux,
    TU = HP Tru64 UNIX,
    UX = HP-UX,
    VV = HP Virtual Vault
 

System management and security procedures must be reviewed
frequently to maintain system integrity. HP is continually
reviewing and enhancing the security features of software products
to provide customers with current secure solutions.
 
"HP is broadly distributing this Security Bulletin in order to
bring to the attention of users of the affected HP products the
important security information contained in this Bulletin. HP
recommends that all users determine the applicability of this
information to their individual situations and take appropriate
action. HP does not warrant that this information is necessarily
accurate or complete for all user situations and, consequently, HP
will not be responsible for any damages resulting from user's use
or disregard of the information provided in this Bulletin. To the
extent permitted by law, HP disclaims all warranties, either
express or implied, including the warranties of merchantability
and fitness for a particular purpose, title and non-infringement."
 

(c)Copyright 2006 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or
editorial errors or omissions contained herein. The information
provided is provided "as is" without warranty of any kind. To the
extent permitted by law, neither HP nor its affiliates,
subcontractors or suppliers will be liable for incidental, special
or consequential damages including downtime cost; lost profits;
damages relating to the procurement of substitute products or
services; or damages for loss of data, or software restoration.
The information in this document is subject to change without
notice. Hewlett-Packard Company and the names of Hewlett-Packard
products referenced herein are trademarks of Hewlett-Packard
Company in the United States and other countries. Other product
and company names mentioned herein may be trademarks of their
respective owners.
- -----BEGIN PGP SIGNATURE-----
Version: PGP 8.1
 
iQA/AwUBRKOqFuAfOvwtKn1ZEQJrYACbBvPn1WfX6J0qyav2DFUsUpcskGgAn1su
HgE7HDhHWrJesFgSVnGW+EKB
=MvLb
- -----END PGP SIGNATURE-----
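Both bulletins above reduce to the same two administrator tasks: decide whether an installed version falls in the affected range (Perl "5.8.2 and earlier" on Tru64 UNIX; Mozilla "prior to 1.7.13" on HP-UX) and, for the Tru64 fix, confirm that the downloaded PERL_V51BB26-ES-20060612 kit matches the MD5 checksum HP published before handing it to setld. The script below is an added example written for this briefing; it is not HP's or UNIRAS's code. The version thresholds and the MD5 value are taken from the bulletins; the function names, the sample bytes and the command-line usage are assumptions. It goes slightly beyond the text in that it also accepts Perl's numeric version form (the `5.008007` style that `perl -e 'print $]'` prints), so the check can be run against the host's own interpreter.

```python
"""Added example for the two HP bulletins above (not HP's or UNIRAS's code).

Two defender-side checks worth scripting before and after applying the fixes:
1. Decide from a reported version string whether an install is in the
   affected range (Perl 5.8.2 and earlier; Mozilla prior to 1.7.13).
2. Verify a downloaded patch kit against the MD5 checksum HP published
   for PERL_V51BB26-ES-20060612 before installing it with setld.
"""
import hashlib
import re

# Published values taken from the bulletins.
PERL_LAST_AFFECTED = "5.8.2"    # Perl 5.8.2 and earlier are affected (CVE-2005-3962)
MOZILLA_FIXED = "1.7.13"        # Mozilla versions prior to 1.7.13 are affected
PERL_KIT_MD5 = "49bb5de02b3236a0991698ec5f3ca648"   # MD5 from the Tru64 bulletin


def parse_version(text: str) -> tuple:
    """Turn '5.8.2', '1.7.13' or Perl's numeric form '5.008007' into an integer
    tuple so comparisons are numeric, not lexical ('5.10' must sort above '5.8')."""
    text = text.strip()
    m = re.fullmatch(r"(\d+)\.(\d{3})(\d{3})", text)
    if m:  # Perl's $] style: 5.008007 -> (5, 8, 7)
        return tuple(int(x) for x in m.groups())
    parts = re.findall(r"\d+", text)
    if not parts:
        raise ValueError(f"no version number in {text!r}")
    return tuple(int(p) for p in parts)


def perl_is_affected(version: str) -> bool:
    """Perl 5.8.2 and earlier on HP Tru64 UNIX is in the affected range."""
    return parse_version(version) <= parse_version(PERL_LAST_AFFECTED)


def mozilla_is_affected(version: str) -> bool:
    """Mozilla versions prior to 1.7.13 on HP-UX are in the affected range."""
    return parse_version(version) < parse_version(MOZILLA_FIXED)


def md5_hex(data: bytes) -> str:
    """Hex MD5 of in-memory bytes (HP publishes MD5 for the patch kit)."""
    return hashlib.md5(data).hexdigest()


def kit_checksum_ok(data: bytes, expected_md5: str = PERL_KIT_MD5) -> bool:
    """True only if the kit bytes hash to the published MD5 (case-insensitive)."""
    return md5_hex(data).lower() == expected_md5.lower()


def verify_kit_file(path: str, expected_md5: str = PERL_KIT_MD5) -> bool:
    """Stream a kit from disk in 1 MiB chunks and compare with the published MD5."""
    h = hashlib.md5()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest().lower() == expected_md5.lower()


if __name__ == "__main__":
    import subprocess
    import sys

    # On the host being assessed: ask the local perl for its version ($]).
    try:
        out = subprocess.run(["perl", "-e", "print $]"], capture_output=True,
                             text=True, check=True).stdout
        print("perl", out, "AFFECTED" if perl_is_affected(out) else "not in affected range")
    except (OSError, subprocess.CalledProcessError):
        print("perl not found or not runnable")

    # Any paths given on the command line are treated as downloaded copies of the
    # Tru64 Perl kit and checked against the published MD5 before installation.
    for kit_path in sys.argv[1:]:
        ok = verify_kit_file(kit_path)
        print(kit_path, "MD5 OK" if ok else "MD5 MISMATCH - do not install")
```

Run it on the Tru64 host (or on the workstation that downloaded the kit) with the kit path as an argument. The MD5 comparison catches a truncated or corrupted download and a kit swapped for a different file, which is what the published checksum is for; MD5 is not collision-resistant, so the download itself should still come from the ITRC URL in the bulletin rather than a mirror.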



______________________________________________________________________________

For additional information or assistance, please contact our help desk
by telephone.  You may send Not Protectively Marked information via
e-mail to uniras@xxxxxxxxxxxxx

Office hours:

Mon - Fri: 08:30 - 17:00 hours
Tel: +44 (0) 870 487 0748 extension 4511
Fax: +44 (0) 870 487 0749

On-call duty officer outside office hours:
Tel: +44 (0) 870 487 0748 and follow the voice prompts

______________________________________________________________________________

UNIRAS wishes to acknowledge the contributions of Hewlett Packard for the
information contained in this briefing.
______________________________________________________________________________

This notice contains information released by the original author.
Some of the information may have changed since it was released. If the
vulnerability affects you, it may be prudent to retrieve the advisory
from the site of the original source to ensure that you receive the most
current information concerning that problem.

Reference to any specific commercial product, process, or service by
trade name, trademark, manufacturer, or otherwise, does not constitute or
imply its endorsement, recommendation, or favouring by UNIRAS or NISCC.
The views and opinions of authors expressed within this notice shall not
be used for advertising or product endorsement purposes.

Neither UNIRAS nor NISCC shall accept responsibility for any errors
or omissions contained within this briefing notice. In particular, they
shall not be liable for any loss or damage whatsoever, arising from or
in connection with the usage of information contained within this
notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams
(FIRST) and has contacts with other international Incident Response
Teams (IRTs) in order to foster cooperation and coordination in incident
prevention, to prompt rapid reaction to incidents, and to promote
information sharing amongst its members and the community at large.
______________________________________________________________________________

<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQCVAwUBRKUDlIpao72zK539AQHY0wQAph0LA+aru2dzzyGvAZbVCB5hZG/dJhTa
EwlxYr3akOPjwEfmwATUUJ0cl9jgJNhEJSTcpyrG6W4JR825jTfqYicby5iT/8o0
hFkZ/GG2el/bSDY9e1lcUf1hvDB8HsdNOv40EFp9wSbLUvPfmd6rKCRwkEGGwLxL
TVLI9l0HQ9o=
=S7nJ
-----END PGP SIGNATURE-----


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________