From support@us.external.hp.com Wed Mar 13 00:51:14 1996
Date: Wed, 13 Mar 1996 01:00:06 -0800
From: HPSL Mail Service
Reply to: support-feedback@us.external.hp.com
To: Damien Sorder
Subject: RE: send doc HPSBUX9504-027

--------
## Regarding your request: Send Doc HPSBUX9504-027

The following are the results of your request from the HP SupportLine
mail service.

===============================================================================
Document Id: [HPSBUX9504-027]
Date Loaded: [10-26-95]

Description: Security Vulnerability in HP VUE 3.0
===============================================================================

-------------------------------------------------------------------------
HEWLETT-PACKARD SECURITY BULLETIN: #00027, 1 May 95
-------------------------------------------------------------------------

Hewlett-Packard recommends that the information in the following
Security Bulletin should be acted upon as soon as possible.
Hewlett-Packard will not be liable for any consequences to any customer
resulting from customer's failure to fully implement instructions in
this Security Bulletin as soon as possible.

_______________________________________________________________________
PROBLEM:      Security vulnerability in HP VUE
PLATFORM:     HP 9000 series 300/400s and/or 700/800s at 9.x
DAMAGE:       Local users can obtain root privilege.
SOLUTION:     Apply patch PHSS_4994 (series 700/800, HP-UX 9.x), or
              PHSS_5438 (series 300/400, HP-UX 9.x)
AVAILABILITY: Patches are available now.
_______________________________________________________________________

I. Vulnerability in HP VUE 3.0.

   A. A vulnerability in HP VUE 3.0.

      A vulnerability in HP VUE 3.0 has been found that allows local
      users to obtain superuser privileges. All HP-UX series 300, 400,
      700, and 800 systems at HP-UX 9.x are vulnerable to this problem.
      Systems running HP-UX version 8.x are not vulnerable because they
      run VUE 2.01.

   B. Fixing the problem

      The vulnerability can be eliminated from HP-UX 9.x releases by
      applying a patch. Releases of HP-UX prior to 9.x are not
      vulnerable.

      Hewlett-Packard recommends that all customers concerned with the
      security of their HP-UX systems either apply the appropriate
      patch or perform the actions described above as soon as possible.

   C. How to Install the Patch (for HP-UX 9.x)

      1. Determine which patch is appropriate for your hardware
         platform and operating system:

         PHSS_4994 (series 700/800, HP-UX 9.x),
         PHSS_5438 (series 300/400, HP-UX 9.x)

      2. Hewlett-Packard's HP-UX patches are available via email and
         World Wide Web.

         To obtain a copy of the HP SupportLine email service user's
         guide, send the following in the TEXT PORTION OF THE MESSAGE
         to support@support.mayfield.hp.com (no Subject is required):

              send guide

         The user's guide explains the process for downloading HP-UX
         patches via email and other services available.

         World Wide Web service for downloading of patches is available
         via our URL: (http://support.mayfield.hp.com)

      3. Apply the patch to your HP-UX system.

      4. Examine /tmp/update.log for any relevant WARNINGs or ERRORs.
         This can be done as follows:

         a. At the shell prompt, type
            "tail -60 /tmp/update.log | more"
         b. Page through the next three screens via the space bar,
            looking for WARNING or ERROR messages.

   D. Impact of the patch and workaround

      The patch for HP-UX releases 9.x provides a new version of HP VUE
      3.0 which fixes the vulnerability. The vulnerability does not
      exist in prior versions of HP-UX.

   E. To subscribe to automatically receive future NEW HP Security
      Bulletins from the HP SupportLine mail service via electronic
      mail, send an email message to:

           support@support.mayfield.hp.com (no Subject is required)

      Multiple instructions are allowed in the TEXT PORTION OF THE
      MESSAGE. Here are some basic instructions you may want to use:

      To add your name to the subscription list for new security
      bulletins, send the following in the TEXT PORTION OF THE MESSAGE:

           subscribe security_info

      To retrieve the index of all HP Security Bulletins issued to
      date, send the following in the TEXT PORTION OF THE MESSAGE:

           send security_info_list

      To get a patch matrix of current HP-UX and BLS security patches
      referenced by either Security Bulletin or Platform/OS, put the
      following in the text portion of your message:

           send hp-ux_patch_matrix

      World Wide Web service for browsing of bulletins is available via
      our URL: (http://support.mayfield.hp.com)

      Choose "Support news", then under Support news, choose
      "Security Bulletins"

   F. To report new security vulnerabilities, send email to

           security-alert@hp.com
_______________________________________________________________________