HP Tru64 UNIX and TruCluster Server Version 5.1.B-4 Patch Summary and Release Notes (13156)

Patch 27016.00
OSFCDEMAIL540
Corrects several potential security vulnerabilities where, under certain circumstances, system
integrity may be compromised. These may be in the form of improper file access.
Corrects a potential security vulnerability that may result in unauthorized Privileged Access
or a Denial of Service (DoS). This may be in the form of local and remote security domain
risks.
Patch 27019.00
OSFCDEMIN540
Fixes several potential security vulnerabilities where, under certain circumstances, system
integrity may be compromised. These may be in the form of improper file access.
Corrects a potential security vulnerability where, under certain circumstances, system integrity
may be compromised when a buffer overflow occurs in the DtSvc utility. Buffer overflows
are sometimes exploited in an attempt to subvert the function of a privileged program and
possibly execute commands at the elevated privileges if the program file has the setuid
privilege.
Fixes a dtterm problem that causes a core dump when the resource saveLines value is set to
1000s in $HOME/Dtterm.
Corrects a problem that can occur when the screen saver tries to activate on a system that
has reached the maximum number of processes allowed per user and the following message
is displayed:
An attempt to start a new process on host "hostname" failed
Corrects a potential security vulnerability in CDE code that may result in unauthorized
privileged access. This may be in the form of local and remote security domain risks.
(SSRT3589 - dtmailpr Severity - High)
Corrects a potential security vulnerability where, under certain circumstances, system
integrity may be compromised when a buffer overflow occurs in the CDE online help. Buffer
overflows are sometimes exploited in an attempt to subvert the function of a privileged
program and possibly execute commands at the elevated privileges if the program file has
the setuid privilege.
Fixes a dtmail problem that occurs while opening a mail attachment on an NFS-mounted
environment.
Patch 27020.00
OSFCLINET540
Adds a new table in pm.mib for the pmgrd IoRate Statistics feature.
Adds the file pmAdvfs.MIB to define AdvFS MIB definitions.
Allows the optional port argument to the ftp open command to accept port numbers between
32768 and 65535.
Fixes several potential security vulnerabilities where, under certain circumstances, system
integrity may be compromised. These may be in the form of improper file access.
Corrects a potential security vulnerability that may allow nonprivileged users to gain
unauthorized (root) access. This may be in the form of local and remote security domain
risks.
Corrects a potential security vulnerability in BIND 8 code that could result in a locally or
remotely exploited Denial of Service (DoS).
(SSRT3653 - BIND v8 Severity - High)
Corrects a problem in niffd that results in its memory usage growing over time.
3.4 Summary of Base Operating System Patches 107