HP Tru64 UNIX and TruCluster Server Version 5.1.B-4 Patch Summary and Release Notes (13156)
Patch 27016.00
OSFCDEMAIL540
• Corrects several potential security vulnerabilities where, under certain circumstances, system
integrity may be compromised. These may be in the form of improper file access.
• Corrects a potential security vulnerability that may result in unauthorized Privileged Access
or a Denial of Service (DoS). This may be in the form of local and remote security domain
risks.
Patch 27019.00
OSFCDEMIN540
• Fixes several potential security vulnerabilities where, under certain circumstances, system
integrity may be compromised. These may be in the form of improper file access.
• Corrects a potential security vulnerability where, under certain circumstances, system integrity
may be compromised when a buffer overflow occurs in the DtSvc utility. Buffer overflows
are sometimes exploited in an attempt to subvert the function of a privileged program and
possibly execute commands at the elevated privileges if the program file has the setuid
privilege.
• Fixes a dtterm problem that causes a core dump when the resource saveLines value is set to
1000s in $HOME/Dtterm.
• Corrects a problem that can occur when the screen saver tries to activate on a system that
has reached the maximum number of processes allowed per user and the following message
is displayed:
An attempt to start a new process on host "hostname" failed
• Corrects a potential security vulnerability in CDE code that may result in unauthorized
privileged access. This may be in the form of local and remote security domain risks.
(SSRT3589 - dtmailpr Severity - High)
• Corrects a potential security vulnerability where, under certain circumstances, system
integrity may be compromised when a buffer overflow occurs in the CDE online help. Buffer
overflows are sometimes exploited in an attempt to subvert the function of a privileged
program and possibly execute commands at the elevated privileges if the program file has
the setuid privilege.
• Fixes a dtmail problem that occurs while opening a mail attachment on an NFS-mounted
environment.
Patch 27020.00
OSFCLINET540
• Adds a new table in pm.mib for the pmgrd IoRate Statistics feature.
• Adds the file pmAdvfs.MIB to define AdvFS MIB definitions.
• Allows the optional port argument to the ftp open command to accept port numbers between
32768 and 65535.
• Fixes several potential security vulnerabilities where, under certain circumstances, system
integrity may be compromised. These may be in the form of improper file access.
• Corrects a potential security vulnerability that may allow nonprivileged users to gain
unauthorized (root) access. This may be in the form of local and remote security domain
risks.
• Corrects a potential security vulnerability in BIND 8 code that could result in a locally or
remotely exploited Denial of Service (DoS).
(SSRT3653 - BIND v8 — Severity - High)
• Corrects a problem in niffd that results in its memory usage growing over time.
3.4 Summary of Base Operating System Patches 107