Home page logo

bugtraq logo Bugtraq mailing list archives

Re: HPUX security bulletins digest
From: "Boyce, Nick" <nick.boyce () EDS COM>
Date: Mon, 13 Nov 2000 21:37:46 -0000

I'm confused  <g> ... the HP alert indicates that problem "HPSBUX0011-130"
is both a "DoS at boot-time" problem, and a remote root compromise - [see
"DAMAGE" and "Background" below].

So which is it ?   Maybe it's both, but if it's just boot-time DoS I can
live with that for a spell.

The man page says :
      auto_parms is a system initialization script whose primary
      responsibility lies in handling first time boot configuration and
      ongoing management of the DHCP lease(s).

The script is 1700 lines long, so I don't want to have to try to analyse it
myself.  Since it deals with DHCP address requesting, I suppose it may be
vulnerable to something like the recent ISC DHCP client vulnerability (if
there exists a malicious DHCP server somewhere), but HP don't give any

Does anyone understand this better than me ?
[It matters a bit to me - many systems to fix - as to quite how much panic I
allow myself ...]

I'd log a call with HP to ask, but I've not had a useful result from that
course in the past.

EDS Healthcare, Bristol, UK

-----Original Message-----
From: Oonk, Patrick [mailto:patrick () PINE NL]
Sent: 13 November 2000 13:22
Subject: security bulletins digest

                        HP Support Information Digests


Document ID      Title
---------------  -----------
HPSBUX0011-130   Sec. Vulnerability in auto_parms


DAMAGE:   May allow remote users to gain root access or to disrupt
          normal operations.


   A. Background
      Hewlett-Packard Company has been informed of a defect in the
      /sbin/auto_parms script.  There is potential for a Denial of
      Service (DoS) at boot time.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]