SecurityTracker.com
Category:   Application (Generic)  >   HPE Ignite-UX
Vendors:   HPE
HP-UX Ignite-UX/DynRootDisk get_system_info Command Bug Lets Local Users Modify the Network Configuration
SecurityTracker Alert ID:  1018607
SecurityTracker URL:  http://securitytracker.com/id/1018607
CVE Reference:   CVE-2007-4590
Updated:  Mar 26 2008
Original Entry Date:  Aug 27 2007
Impact:   Modification of system information
Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in HP-UX running Ignite-UX or DynRootDisk. A local user can modify system networking parameters on the target system.

A local user can exploit a flaw in the get_system_info command to make changes to system networking parameters.

Systems running Ignite-UX vC.7.0, vC.7.1, vC.7.2, vC.7.3 or the DynRootDisk (DRD) vA.1.0.16.417, vA.1.0.18.245, vA.1.1.0.344, or vA.2.0.0.592 are affected.

Impact:   A local user can modify network configuration parameters on the target system.
Solution:   The vendor is working on a fix. HP has described the following workaround [quoted]:

Until an update is available, HP has made the following procedure available to resolve the issue.

1. Download the script "get_system_info.wrapper" from the following ftp site:
ftp://ss071442:ss071442@hprc.external.hp.com/

2. Verify the cksum or md5 sum:
cksum: 3713651406 5189 get_system_info.wrapper
MD5 (get_system_info.wrapper) = 99d725b5b93115ae418ad6ec1b5ab60d

3. As root, copy the script into a secure directory.

4. As root, run the script. The script will display the files it is replacing.

For example:

#$secure_directory/get_system_info_wrapper
Replacing /opt/ignite/lbin/get_system_info with $secure_directory/get_system_info.wrapper
Replacing /opt/drd/lbin/get_system_info with $secure_directory/get_system_info.wrapper

where $secure_directory is the path to the secure directory containing the script.

5. The script must be executed whenever a vulnerable version of the fileset Ignite-UX.MGMT-TOOLS or the fileset DRD.DRD-RUN is reinstalled.

The HP advisory is available at:

https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c01118367
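
Step 2 of the workaround can be enforced before the script is copied into the secure directory or run as root. The following is an example added here, not HP's script and not part of the advisory; the function names md5_of, verify_download and verify_wrapper are hypothetical, and it assumes that md5sum, openssl or md5 is installed.

```shell
#!/bin/sh
# Added example: compare a downloaded file with published cksum and MD5 values.

# Values published in step 2 of the workaround.
WRAPPER_CRC=3713651406
WRAPPER_SIZE=5189
WRAPPER_MD5=99d725b5b93115ae418ad6ec1b5ab60d

# md5_of FILE: print the MD5 hex digest using whichever tool is available.
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum < "$1" | awk '{print $1}'
    elif command -v openssl >/dev/null 2>&1; then
        openssl md5 < "$1" | awk '{print $NF}'
    elif command -v md5 >/dev/null 2>&1; then
        md5 < "$1" | awk '{print $NF}'
    else
        return 1
    fi
}

# verify_download FILE CRC SIZE MD5
# Returns 0 only if all three match, 1 on any mismatch, 2 if it cannot check.
verify_download() {
    file=$1 want_crc=$2 want_size=$3 want_md5=$4
    [ -f "$file" ] || { echo "missing: $file" >&2; return 2; }

    set -- $(cksum < "$file")        # cksum on stdin prints "CRC SIZE"
    got_crc=$1 got_size=$2
    got_md5=$(md5_of "$file") || { echo "no MD5 tool found" >&2; return 2; }

    rc=0
    [ "$got_crc" = "$want_crc" ] ||
        { echo "cksum CRC mismatch: $got_crc" >&2; rc=1; }
    [ "$got_size" = "$want_size" ] ||
        { echo "size mismatch: $got_size" >&2; rc=1; }
    [ "$got_md5" = "$want_md5" ] ||
        { echo "MD5 mismatch: $got_md5" >&2; rc=1; }
    return $rc
}

# verify_wrapper FILE: check FILE against the values from the advisory.
verify_wrapper() {
    verify_download "$1" "$WRAPPER_CRC" "$WRAPPER_SIZE" "$WRAPPER_MD5"
}

# When called with a path, verify it and exit with the result.
if [ $# -gt 0 ]; then
    verify_wrapper "$1"
fi
```

Run it against the downloaded file and continue with steps 3 and 4 only if it exits 0.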

Vendor URL:  www2.itrc.hp.com/service/cki/docDisplay.do?docId=c01118367
Cause:   Access control error
Underlying OS:  UNIX (HP/UX)

Message History:   None.

