-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===============================================================================
>>                                                      CERT-NL, 01-Mar-2000 <<
>> All CERT-NL information has been moved to http://cert.surfnet.nl.  Links  <<
>> to CERT-NL information contained in this advisory are therefore outdated. <<
>>                                                                           <<
>> CERT-NL also has stopped the CERT-CC-Mirror service.  Due to this the     <<
>> links to the CERT-CC mirror are obsolete. Visit the CERT-CC site for the  <<
>> complete CERT-CC advisory texts:                     http://www.cert.org  <<
===============================================================================
===============================================================================
Security Advisory                                                       CERT-NL
===============================================================================
Author/Source : CERT-NL (Teun Nijssen)                      Index  :    S-94-11
Distribution  : World                                       Page   :          1
Classification: External                                    Version:      Final
Subject       : Security Vulnerability in HP Vue 3.0        Date   :  22-Apr-94
===============================================================================

Synopsis:

_______________________________________________________________________________

PROBLEM:  Security vulnerability in HP-UX systems running HP Vue 3.0, only
PLATFORM: HP 9000 series 300/400/700/800 at HP-UX revision 9.X, only
DAMAGE:   Unauthorized root access
SOLUTION: Apply patch PHSS_4038 (700/800) or PHSS_4055 (300/400).
_______________________________________________________________________________


I.  Description

   A vulnerability has been discovered which allows non privileged
   users of HP 9000 series machines with models 300/400/700/800
   at HP-UX revision 9.X and running HP Vue 3.0 to obtain root
   privileges. Other versions of HP-UX and HP Vue do not have
   this vulnerability.

II. Solution

   HP has provided a patch to solve this problem. The description
   below comes from "HEWLETT-PACKARD SECURITY BULLETIN: #00008,
   19 April 1994"

- -------------------------------------------------------------------------------
   A. Fixing the problem

      The problem can be fixed by applying patch PHSS_4038 (700/800)
      or PHSS_4055 (300/400).

   B. How to Install the Patch

   1.  Get a copy of the patch from one of the following locations:

       a. HP SupportLine Mail Service

       To obtain the patch, send the following in the TEXT PORTION
       OF THE MESSAGE to support@support.mayfield.hp.com
       (no Subject is required):

                send PHSS_4038

                or

                send PHSS_4055

       It will automatically be emailed back to you.  Note that
       users may also download the patch from HP SupportLine via
       ftp, kermit, or uucp.

       b. Response Center Support

       If you need additional assistance and have a support
       contract, you can contact your local Response Center for
       further help.

   2.  The patch information is current as of April 19, 1994.  You
       should list the patch:

             more PHSS_4038
             more PHSS_4055

       If it has been replaced there will be banner text saying:

                   OBSOLETE
                   REPLACED
                      BY
                   PHSS_NNNN


   3.  Apply the patch to your HP-UX system.  The complete instructions
       for applying the patch are in PHSS_40xx.text.

   4.  Examine /tmp/update.log for any relevant WARNINGs or ERRORs. This
       can be done as follows:

       a.  At the shell prompt, type "tail -60 /tmp/update.log | more"
       b.  Page through the next three screens via the space bar, looking
           for WARNING or ERROR messages.

- ----------------------------------------------------------------------

CERT-NL thanks Peter van Dijk of Erasmus University Rotterdam and the
programmers of the Hermes software of TNO and EUR for bringing this
information to our attention. CERT-NL also thanks Hewlett and Packard
for their activities to patch this vulnerability soon after its discovery.

==============================================================================
CERT-NL is the Computer Emergency Response Team for SURFnet customers. SURFnet
is the Dutch network for educational, research and related institutes. CERT-NL
is a member of the Forum of Incident Response and Security Teams (FIRST).

All CERT-NL material is available under:
  http://cert.surfnet.nl/

In case of computer or network security problems please contact your local
CERT/security-team or CERT-NL  (if your institute is NOT a SURFnet customer
please address the appropriate (local) CERT/security-team).

CERT-NL is one/two hour(s) ahead of UTC (GMT) in winter/summer,
i.e. UTC+0100 in winter and UTC+0200 in summer (DST).

   Email:     cert-nl@surfnet.nl     ATTENDED REGULARLY ALL DAYS
   Phone:     +31 302 305 305        BUSINESS HOURS ONLY
   Fax:       +31 302 305 329        BUSINESS HOURS ONLY
   Snailmail: SURFnet bv
              Attn. CERT-NL
              P.O. Box 19035
              NL - 3501 DA  UTRECHT
              The Netherlands

NOODGEVALLEN:    06 22 92 35 64      ALTIJD BEREIKBAAR
EMERGENCIES : +31 6 22 92 35 64      ATTENDED AT ALL TIMES
CERT-NL'S EMERGENCY PHONENUMBER IS ONLY TO BE USED IN CASE OF EMERGENCIES:
THE SURFNET HELPDESK OPERATING THE EMERGENCY NUMBER HAS A *FIXED*
PROCEDURE FOR DEALING WITH YOUR ALERT AND WILL IN REGULAR CASES RELAY IT
TO CERT-NL IN AN APPROPRIATE MANNER. CERT-NL WILL THEN CONTACT YOU.
===============================================================================

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.1i

iQA/AwUBOL6WEzSYjBqwfc9jEQKlGwCgmSroMon9BoHlPdwiH05RPVoli6kAn3Lm
FO4JeZR72GYiHbG4c03lfN39
=S+xk
-----END PGP SIGNATURE-----