SSRT2384 rev.2 HP-UX RPC remote Denial of Service (DoS)

From: Security Alert (secure_at_hpchs.cup.hp.com)
Date: 02/24/05


    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    HP SECURITY BULLETIN

    HPSBUX01020 REVISION: 2

    SSRT2384 rev.2 HP-UX RPC remote Denial of Service (DoS)

    NOTICE:
    There are no restrictions for distribution of this Security
    Bulletin provided that it remains complete and intact.

    The information in this Security Bulletin should be acted upon
    as soon as possible.

    INITIAL RELEASE:
    22 February 2005

    POTENTIAL SECURITY IMPACT:
    remote Denial of Service (DoS)

    SOURCE:
    Hewlett-Packard Company
    HP Software Security Response Team

    VULNERABILITY SUMMARY:
    A potential security vulnerability has been identified with HP-UX
    running RPC services, where the vulnerability may be exploited by
    an unauthorized remote user to create a denial of service (DoS).

    REFERENCES:
    CERT VU#266817

    SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
    HP-UX B.11.00, B.11.04, B.11.11, B.11.22, B.11.23.

    BACKGROUND:

    The patches listed below provide the non-blocking I/O
    functionality of ONC 2.3 in ONC 1.2. For this feature to be
    enabled an application must use either rpc_control() or
    svc_control(). New macros have been added for these APIs to
    allow applications to work in non-blocking mode. The patches
    deliver RPC daemons which have been recompiled to enable the
    non-blocking I/O functionality.

         AFFECTED VERSIONS

         Note: To determine if a system has an affected version,
               search the output of "swlist -a revision -l fileset"
               for an affected fileset. Then determine if the
               recommended patch or update is installed.

         HP-UX B.11.23
         For Integrity (IA) servers
         =============

         NFS.NFS-SHLIBS
         action: install PHNE_30090 or subsequent

         NFS.NIS2-CLIENT
         NFS.NIS2-SERVER
         NFS.NISPLUS2-CORE
         action: install PHNE_30091 or subsequent

         NFS.KEY-CORE
         NFS.NFS2-CORE
         NFS.NFS2-SERVER
         action: install PHNE_30092 or subsequent

         NFS.NFS2-CORE
         action: install PHNE_30093 or subsequent

         NFS.NFS2-SERVER
         action: install PHNE_30094 or subsequent

         HP-UX B.11.23
     ->For HP 9000 (PA) servers
         =============

         NFS.NFS-SHLIBS
         NFS.NIS2-CLIENT
         NFS.NIS2-SERVER
         NFS.NISPLUS2-CORE
         NFS.KEY-CORE
         NFS.NFS2-CORE
         NFS.NFS2-SERVER
     ->action: install PHKL_31500 or subsequent

         HP-UX B.11.22
         =============

         NFS.NFS-PRG
         NFS.NIS-SERVER
         NFS.KEY-CORE
         NFS.NFS-KRN
         NFS.NFS-SHLIBS
         NFS.NFS2-CLIENT
         NFS.NFS2-CORE
         NFS.NFS2-SERVER
         NFS.NIS2-CLIENT
         NFS.NIS2-CORE
         NFS.NIS2-SERVER
         NFS.NISPLUS2-CORE

         action: install PHNE_29449 or subsequent

         HP-UX B.11.11
         =============

         NFS.KEY-CORE
         NFS.NFS-CLIENT
         NFS.NFS-CORE
         NFS.NFS-PRG
         NFS.NFS-SERVER
         NFS.NFS-SHLIBS
         NFS.NIS-CLIENT
         NFS.NIS-CORE
         NFS.NIS-SERVER
         NFS.NISPLUS-CORE
         NFS.NFS-KRN

         action: install PHNE_29211 or subsequent

         HP-UX B.11.04
         =============

         NFS.NFS-CLIENT
         NFS.KEY-CORE
         NFS.NFS-SHLIBS

         action: install PHNE_30808 or subsequent

         HP-UX B.11.00
         =============

         OS-Core.CORE2-KRN
         NFS.NFS-KRN
         NFS.NFS-CLIENT
         NFS.NFS-PRG
         NFS.KEY-CORE
         NFS.NISPLUS-CORE
         NFS.NFS-SERVER
         NFS.NFS-SHLIBS
         NFS.NIS-CORE
         NFS.NIS-CLIENT
         NFS.NIS-SERVER
         InternetSrvcs.INETSVCS-INETD

         action: install PHNE_29210 or subsequent

         END AFFECTED VERSIONS

    RESOLUTION:
    HP has made the following patches available from
    http://itrc.hp.com to resolve the issue:

         B.11.23 (IA) - PHNE_30090 or subsequent
         B.11.23 (IA) - PHNE_30091 or subsequent
         B.11.23 (IA) - PHNE_30092 or subsequent
         B.11.23 (IA) - PHNE_30093 or subsequent
         B.11.23 (IA) - PHNE_30094 or subsequent

      ->B.11.23 (PA) - PHKL_31500 or subsequent

         B.11.22 - PHNE_29449 or subsequent

         B.11.11 - PHNE_29211 or subsequent

         B.11.04 - PHNE_30808 or subsequent

         B.11.00 - PHNE_29210 or subsequent

    MANUAL ACTIONS: No

    BULLETIN REVISION HISTORY:
    Revision 0: 27 April 2004
      Initial release.

    Revision 1: 08 June 2004
      Added PHNE_30808.

    Revision 2: 22 February 2005
      Added PHKL_31500.

    -----BEGIN PGP SIGNATURE-----
    Version: PGP 8.1

    iQA/AwUBQhx4Y+AfOvwtKn1ZEQKmegCdFrmDiaP65DcUiOF3UFHK+nF5IGUAoIFq
    /28BHRQpC1QnmjpUMxX59M0s
    =h/NE
    -----END PGP SIGNATURE-----

    --
    Yours truly,
    HP S/W Security Team
    WTEC Cupertino, California
    Return-Path: secure@cup.hp.com
    Reply-to: security-alert@hp.com
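
The check described in the AFFECTED VERSIONS note, as an added example that is not part of the HP bulletin: the fileset-to-patch table is transcribed from the bulletin, and the script compares it with saved `swlist -a revision -l fileset` output. The layout of the saved output, the separate file of installed patch IDs, and the sample values are assumptions. Only the exact patch IDs listed are matched, so a superseding ("or subsequent") patch still has to be confirmed by hand.

```shell
#!/bin/sh
# Added example, not HP code. Rows transcribed from the bulletin:
# release|arch|patch|affected filesets
BULLETIN='B.11.23|IA|PHNE_30090|NFS.NFS-SHLIBS
B.11.23|IA|PHNE_30091|NFS.NIS2-CLIENT NFS.NIS2-SERVER NFS.NISPLUS2-CORE
B.11.23|IA|PHNE_30092|NFS.KEY-CORE NFS.NFS2-CORE NFS.NFS2-SERVER
B.11.23|IA|PHNE_30093|NFS.NFS2-CORE
B.11.23|IA|PHNE_30094|NFS.NFS2-SERVER
B.11.23|PA|PHKL_31500|NFS.NFS-SHLIBS NFS.NIS2-CLIENT NFS.NIS2-SERVER NFS.NISPLUS2-CORE NFS.KEY-CORE NFS.NFS2-CORE NFS.NFS2-SERVER
B.11.22|any|PHNE_29449|NFS.NFS-PRG NFS.NIS-SERVER NFS.KEY-CORE NFS.NFS-KRN NFS.NFS-SHLIBS NFS.NFS2-CLIENT NFS.NFS2-CORE NFS.NFS2-SERVER NFS.NIS2-CLIENT NFS.NIS2-CORE NFS.NIS2-SERVER NFS.NISPLUS2-CORE
B.11.11|any|PHNE_29211|NFS.KEY-CORE NFS.NFS-CLIENT NFS.NFS-CORE NFS.NFS-PRG NFS.NFS-SERVER NFS.NFS-SHLIBS NFS.NIS-CLIENT NFS.NIS-CORE NFS.NIS-SERVER NFS.NISPLUS-CORE NFS.NFS-KRN
B.11.04|any|PHNE_30808|NFS.NFS-CLIENT NFS.KEY-CORE NFS.NFS-SHLIBS
B.11.00|any|PHNE_29210|OS-Core.CORE2-KRN NFS.NFS-KRN NFS.NFS-CLIENT NFS.NFS-PRG NFS.KEY-CORE NFS.NISPLUS-CORE NFS.NFS-SERVER NFS.NFS-SHLIBS NFS.NIS-CORE NFS.NIS-CLIENT NFS.NIS-SERVER InternetSrvcs.INETSVCS-INETD'

# check_rpc_patches RELEASE ARCH SWLIST_FILE PATCH_FILE
#   SWLIST_FILE: saved output of "swlist -a revision -l fileset"
#   PATCH_FILE : installed patch IDs, one per line (assumed input)
check_rpc_patches() {
    rel=$1; arch=$2; swlist=$3; patches=$4
    # Fileset names: first field of lines that are not "#" header lines.
    installed=$(awk '$1 !~ /^#/ && NF { print $1 }' "$swlist")
    printf '%s\n' "$BULLETIN" | while IFS='|' read -r r a patch filesets; do
        [ "$r" = "$rel" ] || continue
        [ "$a" = any ] || [ "$a" = "$arch" ] || continue
        hit=
        for fs in $filesets; do
            if printf '%s\n' "$installed" | grep -Fqx "$fs"; then hit="$hit $fs"; fi
        done
        [ -n "$hit" ] || continue        # no affected fileset for this patch
        if grep -Fqx "$patch" "$patches"; then
            echo "OK $patch"
        else
            echo "NEEDED $patch:$hit"    # exact ID only; check superseding patches
        fi
    done
}

# Constructed sample for a B.11.11 host; not real swlist output.
demo() {
    d=${TMPDIR:-/tmp}/rpcchk.$$
    mkdir "$d" || return 1
    printf '%s\n' '# NFS                 B.11.11' '  NFS.NFS-CORE        B.11.11' \
        '  NFS.NFS-SHLIBS      B.11.11' '  OS-Core.CORE2-KRN   B.11.11' > "$d/filesets"
    echo PHXX_00000 > "$d/patches"       # placeholder patch ID
    check_rpc_patches B.11.11 PA "$d/filesets" "$d/patches"
    rm -rf "$d"
}
demo
```

Each `NEEDED` line names the bulletin patch and the installed filesets that bring the host into scope for it.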
    
