Security Vulnerability with ftp on HP-UX
Document ID: HPSBUX9807-079
Date Loaded: 19980722
Title: Security Vulnerability with ftp on HP-UX
-------------------------------------------------------------------------
PROBLEM: The ftp client interprets server-provided filenames, which can
cause commands to be run on the client.
PLATFORM: HP9000 series 700/800, HP-UX releases 9.X, 10.X, and 11.00
DAMAGE: Local users can increase their privileges
SOLUTION: Install the patches listed below.
AVAILABILITY: All patches are available now, except as noted.
-------------------------------------------------------------------------
I.
A. Background
The ftp client can be tricked into running arbitrary commands
supplied by the remote server.
B. Fixing the problem
Install the applicable patches for the fileset: ARPA-RUN ARPA-MAN
    HP-UX release 9.X                  PHNE_13595
Install the applicable patches for the fileset:
InternetSrvcs.INETSVCS-RUN or InternetSrvcs.INET-ENG-A-MAN.
    HP-UX release 10.0,10.01,10.10     PHNE_13596
    HP-UX release 10.16                PHNE_16006 *
    HP-UX release 10.20                PHNE_13597
    HP-UX release 10.24                PHNE_15802
    HP-UX release 11.00                PHNE_14479
    * The CMW release (HP-UX 10.16) will be available after 10 August 98.
Install the applicable patches for the fileset:
InternetSvcSec.INETSVCS-SEC or InternetSvcSec.ISEC-ENG-A-MAN,
(Secure Internet Services),
    HP-UX release 10.20                PHNE_15544
C. Recommended solution - Install the applicable patches.
NOTE: The Secure Internet Services product, if enabled, has to
be disabled before the installation and removal of
patch PHNE_15544 for HP-UX 10.20.
If Secure Internet Services is enabled during patch
installation, the installation will fail with an error.
NOTE: On the HP-UX 11.00 release patch only:
This version of FTP has some new configuration files that
can be used to take advantage of new functionality. Samples
of the new configuration files are provided in
/usr/newconfig/etc/ftpd.
These files can be altered per your needs and copied
to the location /etc/ftpd. Information on the new
features introduced by this new version of ftpd is in
the file:
/usr/share/doc/RelNotes_newftp.txt
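
One way to check a host against the patch list in section B, as an added example that is not part of HP's bulletin: it maps a release string to the listed patch ID and reports which of those IDs are absent from a software listing. The function names are hypothetical, and the `uname -r` format, the `swlist` output layout, and the reading that a 10.20 host with Secure Internet Services needs both 10.20 patches are assumptions.

```shell
#!/bin/sh
# Added example, not HP's code. Patch IDs are copied from section B above.
# Assumptions: `uname -r` looks like B.10.20 or A.09.05, and installed patches
# appear by name in the first column of `swlist -l product` (10.X and 11.00).

# Print the patch ID(s) the bulletin lists for a release string.
# $2 non-empty = Secure Internet Services filesets are installed
# (assumption: such a 10.20 host needs both 10.20 patches).
patches_for_release() {
    rel=${1#[A-Z].}                      # B.10.20 -> 10.20
    case "$rel" in
        9.*|09.*)               echo PHNE_13595 ;;
        10.0|10.00|10.01|10.10) echo PHNE_13596 ;;
        10.16)                  echo PHNE_16006 ;;
        10.20)                  echo "PHNE_13597${2:+ PHNE_15544}" ;;
        10.24)                  echo PHNE_15802 ;;
        11.00)                  echo PHNE_14479 ;;
        *)                      return 1 ;;   # release not in the bulletin
    esac
}

# Read a software listing on stdin and print the listed patches that are absent.
# Returns 0 if none are missing, 1 if some are, 2 for an unknown release.
# A superseding patch carries a different ID, so review any "missing" result.
missing_patches() {
    wanted=$(patches_for_release "$1" "$2") || return 2
    listing=$(cat)
    missing=
    for p in $wanted; do
        printf '%s\n' "$listing" |
            awk -v p="$p" '$1 == p { ok = 1 } END { exit !ok }' ||
            missing="$missing $p"
    done
    [ -z "$missing" ] && return 0
    echo "${missing# }"
    return 1
}

# On an HP-UX 10.X/11.00 host, audit the local system (skipped elsewhere).
if [ "$(uname -s)" = "HP-UX" ]; then
    sis=
    swlist -l fileset | grep '^ *InternetSvcSec\.' >/dev/null && sis=sis
    if out=$(swlist -l product | missing_patches "$(uname -r)" "$sis"); then
        echo "ftp patches from HPSBUX9807-079 are present"
    else
        echo "check: ${out:-release not covered by the bulletin}"
    fi
fi
```

HP-UX 9.X has no `swlist`, so on those hosts only `patches_for_release` is useful and installation of PHNE_13595 has to be confirmed by other means.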