|
|
|
|
| |
| Hewlett-Packard Company has learned of a defect in the Event Monitoring System (EMS) version A.03.00 that allows users to change file permissions on any file in the root partition. This affects ServiceGuard OPS edition as well as MC/ServiceGuard. This vulnerability has been reported by us in our previous advisory: HP-UX resource monitor service. Now a solution is available for this problem. |
| |
Credit:
The information has been provided by Oonk, Patrick.
|
| |
Vulnerable systems:
The Event Monitoring System (EMS) release A.03.00, and earlier.
Platform:
HP9000 Series 700/800 running HP-UX releases 10.20 and 11.00.
Solution:
Hewlett-Packard Company recommends that users of early releases of the Event Monitoring Service migrate to EMS A.03.20.
To identify the EMS release in use on your system, perform the following: In the directory /etc/opt/resmon/lbin run:
$ what p_client registrar
p_client:
EMS (A.03.20)
registrar:
EMS (A.03.20)
The Application CD's are the source of the fixed code starting with newer releases in the December 98 Application CD, EMS A.03.00. Since EMS A.03.00 was shipped, there have been two newer versions: EMS A.03.10, and EMS A.03.20. Both of these are available for HP-UX 10.20 and 11.00 to correct the problem.
|
|
|
|
|
