[18708] in bugtraq
FW: HPUX security bulletins digest
daemon@ATHENA.MIT.EDU (Boyce, Nick)
Fri Jan 19 11:09:31 2001
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Message-ID: <C1B2296C5D3ED11182DB00805F9A097E01506337@GBHBM001>
Date: Fri, 19 Jan 2001 13:29:36 -0000
Reply-To: "Boyce, Nick" <nick.boyce@EDS.COM>
From: "Boyce, Nick" <nick.boyce@EDS.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
On 18th.Jan.2001, Ben Greenbaum forwarded this HP security alert :
[edited]
===================< cut >======================
---------- Forwarded message ----------
Date: Thu, 18 Jan 2001 04:02:29 -0800 (PST)
From: IT Resource Center <support_feedback@us-support.external.hp.com>
To: security_info@us-support.external.hp.com
Document ID: HPSBUX0101-137
Date Loaded: 20010117
Title: Sec. Vulnerability in Support Tools Manager
----------------------------------------------------------------------
HEWLETT-PACKARD COMPANY SECURITY BULLETIN: #0137, 18 Jan. '01
----------------------------------------------------------------------
ISSUE: HP9000 series 700/800 Support Tools Manager (xstm,cstm,stm)
PLATFORM: HP9000 Series 700 and 800 running HP-UX releases 11.11,
11.00, and 10.20.
POSSIBLE RESULT: Users could cause a Denial of Service (DoS).
===================< cut >======================
HP have been a bit coy about it - does anyone know more detail ?
What kind of denial of service (file overwrite ?) ?
Locally or remotely exploitable ?
Cheers,
Nick
EDS Healthcare, Bristol, UK
