---------------------------------------------------------------------- Want a new job? http://secunia.com/secunia_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/ International Partner Manager - Project Sales in the IT-Security Industry: http://corporate.secunia.com/about_secunia/64/ ---------------------------------------------------------------------- TITLE: HP-UX System Administration Manager Security Issue SECUNIA ADVISORY ID: SA31309 VERIFY ADVISORY: http://secunia.com/advisories/31309/ CRITICAL: Less critical IMPACT: Security Bypass WHERE: >From local network OPERATING SYSTEM: HP-UX 11.x http://secunia.com/product/138/ DESCRIPTION: A security issue has been reported in HP-UX, which can lead to an insecure configuration. The security issue is caused due to an error if the System Administration Manager (SAM) is used to configure NFS. This can result in an insecure configuration allowing unintended access to all systems. The security issue is reported in HP-UX B.11.11 and B.11.23 running SAM. SOLUTION: HP-UX B.11.11 (11i v1): Install PHCO_36562 or subsequent and change NFS configuration as needed. HP-UX B.11.23 (11i v2): Install PHCO_36563 or subsequent and change NFS configuration as needed. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: HPSBUX02286 SSRT071466: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01367453 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------