HP has provided the following upgrades to resolve this vulnerability.
These upgrades are available from the following website:
URL:
http://software.hp.com
|
HP-UX Release
|
Depot name
|
|
B.11.11 (11i v1)
|
SYSMGMTWEB_A.2.2.9.1_HP-UX_B.11.11_32_64.DEPOT or subsequent
|
|
B.11.23 (11i v2)
|
SYSMGMTWEB_A.2.2.9.1_HP-UX_B.11.23_IA_PA.DEPOT or subsequent
|
|
B.11.31 (11i v3)
|
SYSMGMTWEB_A.2.2.9.1_HP-UX_B.11.31_IA_PA.DEPOT or subsequent
|
MANUAL ACTIONS:
Yes - NonUpdate
Check permissions on /var/tmp. As root, restore permissions to 1777 if needed.
Install SMH v2.2.9.1 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant:
HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see:
https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11
==================
SysMgmtHomepage.SMH-PPAGES
SysMgmtHomepage.SMH-PPAGES-COM
SysMgmtHomepage.SMH-RUN
SysMgmtHomepage.SMH-SAMLOG
SysMgmtHomepage.SMH-UILIB
SysMgmtHomepage.SMH-UILIB-COM
SysMgmtHomepage.SMH-XLAUNCH
action: install 2.2.9.1 or subsequent
URL:
http://software.hp.com
HP-UX B.11.23
==================
SysMgmtHomepage.SMH-PPAGES
SysMgmtHomepage.SMH-PPAGES-COM
SysMgmtHomepage.SMH-RUN
SysMgmtHomepage.SMH-SAMLOG
SysMgmtHomepage.SMH-UILIB
SysMgmtHomepage.SMH-UILIB-COM
SysMgmtHomepage.SMH-XLAUNCH
action: install 2.2.9.1 or subsequent
URL:
http://software.hp.com
HP-UX B.11.31
==================
SysMgmtHomepage.SMH-PPAGES
SysMgmtHomepage.SMH-PPAGES-COM
SysMgmtHomepage.SMH-RUN
SysMgmtHomepage.SMH-SAMLOG
SysMgmtHomepage.SMH-UILIB
SysMgmtHomepage.SMH-UILIB-COM
SysMgmtHomepage.SMH-XLAUNCH
action: install 2.2.9.1 or subsequent
URL:
http://software.hp.com
END AFFECTED VERSIONS
HISTORY
Version:1 (rev.1) 3 November 2008 Initial release
Version:2 (rev.2) 10 November 2008 Corrected manual actions
Third Party Security Patches:
Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Printable version
