AUSCERT External Security Bulletin Redistribution

       SSRT3469 - HP Tru64 UNIX, HP-UX, sendmail Potential Security
                               04 March 2003


        AusCERT Security Bulletin Summary

Product:                Sendmail
Vendor:                 Hewlett-Packard
Operating System:       HP-UX
Impact:                 Root Compromise
                        Denial of Service
Access Required:        Remote

Ref:                    AA-2003.01

- --------------------------BEGIN INCLUDED TEXT--------------------

Hash: SHA1

permission granted.



TITLE:  SSRT3469 - HP Tru64 UNIX, HP-UX, sendmail
                              Potential Security Vulnerability

NOTICE: There are no restrictions for distribution of
        this Bulletin provided that it remains complete
        and intact.  

RELEASE DATE: March 2003


         Software Security Response Team

REFERENCE:   SSRT3469, HPSBUX0302-246,VU#398025


This bulletin will be posted to the support
website within 24 hours of release to
www.hp.com  Use the SEARCH IN feature box,
enter SSRT3469 in the search window.

SSRT3469 sendmail - (Severity - High)

A potential security vulnerability has been
reported in the HP-UX and HP Tru64 UNIX operating
system that may result in unauthorized Privileged
Access or a Denial of Service (DoS). This potential
vulnerability may be in the form of local and
remote security domain risks.



HP Tru64 UNIX V5.1B

HP Tru64 UNIX V5.1A

HP Tru64 UNIX V5.1

HP Tru64 UNIX V5.0A

HP Tru64 UNIX V4.0G

HP Tru64 UNIX V4.0F

HP AlphaServer SC (Sierra Cluster) V2.5


HP-UX release 11.11 (11i)

HP-UX release 11.04 (VVOS)

HP-UX release 11.00

HP-UX release 10.20

HP-UX release 10.10



HP NonStop Servers



HP Tru64 UNIX 

Early Release Patches (ERPs) are now available
for all supported versions of HP Tru64 UNIX and
HP Trucluster Server. The ERP kits use dupatch to
install and will not  install over any Customer Specific
Patches (CSPs) which have file intersections with the
ERPs.  Contact your normal support channel and request
HP Tru64 services elevate a case to Support Engineering
if a CSP must be merged with one of the ERPs.

The following ERP kits are applicable to any system
running HP Tru64 UNIX and HP TruCluster Server software.
The ERPs are designed for clustered and non-clustered systems.

Please review the README file for each patch prior
to installation.

HP Tru64 UNIX/TruCluster Server V5.1B
Prerequisite: V5.1B with PK1 (BL1) installed
ERP Kit Name : T64V51BB1-C0003900-16874-ES-20030211.tar
Kit Location :

HP Tru64 UNIX/TruCluster Server 5.1A
Prerequisite: V5.1A with PK4 (BL21) installed
ERP Kit Name:T64V51AB21-C0103500-17099-ES-20030226.tar
Kit Location:

HP Tru64 UNIX/TruCluster Server V5.1A
Prerequisite: V5.1A with PK3 (BL3) installed
ERP Kit Name :T64V51AB3-C0101900-16876-ES-20030211.tar
Kit Location :

HP Tru64 UNIX/TruCluster Server V5.1
Prerequisite: V5.1 with PK6 (BL20) installed
ERP Kit Name:T64V51B20-C0169800-16980-ES-20030218.tar
Kit Location:

HP Tru64 UNIX/TruCluster Server V5.1
Prerequisite: V5.1 with PK5 (BL19) installed
ERP Kit Name : T64V51B19-C0169100-16882-ES-20030211.tar
Kit Location : ftp://ftp1.support.compaq.com/public/unix/v5.1/

HP Tru64 UNIX/TruCluster Server V5.0A
Prerequisite: V5.0a with PK3 (BL17) installed
ERP Kit Name : T64V50AB17-C0031300-16884-ES-20030211.tar
Kit Location : http://ftp1.support.compaq.com/public/unix/v5.0a/

HP Tru64 UNIX/TruCluster   Server V4.0G
Prerequisite: V4.0G with PK3 (BL17) installed
ERP Kit Name : T64V40GB17-C0028100-16887-ES-20030211.tar
Kit Location:  ftp://ftp1.support.compaq.com/public/unix/v4.0g/

HP Tru64 UNIX/TruCluster V4.0F
Prerequisite: V4.0F with PK7 (BL18) installed
ERP Kit Name : DUV40FB18-C0092200-16888-ES-20030211.tar
Kit Location :  ftp://ftp1.support.compaq.com/public/unix/v4.0f/

Please review the README file for each patch prior
to installation.

The fixes contained in the ERP kits will be available
in the following mainstream patch kits:

   o  HP Tru64 UNIX 5.1B   PK2
   o  HP Tru64 UNIX 5.1A   PK5
   o  HP Tru64 UNIX 4.0G   PK4
   o  HP Tru64 UNIX 4.0F   PK8

Information on how to verify MD5 and SHA1 checksums is
available at:

HP AlphaServer SC (Sierra Cluster) 

Customers should contact their normal HP support
channel and request early release patch kits for
case is SSRT3469 sendmail


REF:  HPSBUX0302-246, SSRT3469

HP has provided notice of the availability of
any necessary solutions through the standard
Security Bulletin HPSBUX0302-246  announcement and
is available from your normal HP Services support
channel and will be available from http://itrc.hp.com
search for HPSBUX0302-246  Please review this bulletin
for details about the solution.

Determine if you are running a vulnerable version of sendmail:

Login in as root:

cd /usr/sbin

sendmail -d0.1 < /dev/null | grep -i version

The display will show Version #.#.#

HP Versions affected: 8.8.6, 8.9.3, 8.11.1

Download the appropriate file:

For HP-UX 10.10: sendmail.886.10.01.gz

For HP-UX 10.20: sendmail.893.10.20.gz

For HP-UX 11.00: sendmail.811.11.00.gz


For HP-UX 11.04: sendmail.811.11.00.gz


For HP-UX 11.11: sendmail.811.11.11.gz


For HP-UX 11.22:


The files are available from the following site:

System: hprc.external.hp.com (

Login: sendmail

Password: sendmail

FTP Access: ftp://sendmail:sendmail@hprc.external.hp.com/

or: ftp://sendmail:sendmail@

or: ftp hprc.external.hp.com

Note: There is an ftp defect in IE5 that may result
in a browser hang. To work around this:

- - - - Select Tools -> Internet Options -> Advanced

- - - - Un-check the option: [ ] Enable folder view for FTP sites

After completing the update, HP strongly recommends
that you perform an immediate backup of  the system
disk so that any subsequent restore operations begin
with updated software. Otherwise, the updates must
be re-applied after a future restore operation.
Also, if at some future time the system is upgraded
to a later patch release or version release,
reinstall the appropriate ERP.


For further information, contact HP Services.
SUBSCRIBE: To subscribe to automatically receive future
Security Advisories from the Software Security Response
Team via electronic mail:



To report a potential security vulnerability with
any HP supported product, send email to:

As always, HP urges you to periodically review your
system management and security procedures. HP will
continue to review and enhance the security features
of its products and work with our customers to maintain
and improve the security and integrity of their systems.  
"HP is broadly distributing this Security Bulletin
in order to bring to the attention of users of the
affected HP products the important security information
contained in this Bulletin. HP recommends that all users
determine the applicability of this information to
their individual situations and take appropriate
action. HP does not warrant that this information
is necessarily accurate or complete for all user
situations and, consequently, HP will not be
responsible for any damages resulting from user's
use or disregard of the information provided in
this Bulletin."

(c)Copyright 2002 Hewlett-Packard Company 
Hewlett-Packard Company shall not be liable for
technical or editorial errors or omissions contained
herein. The information in this document is subject
to change without notice. Hewlett-Packard Company
and the names of Hewlett-Packard products referenced
herein are trademarks of Hewlett-Packard Company in
the United States and other countries. Other product
and company names mentioned herein may be trademarks
of their respective owners.

Version: PGP 7.0.1


- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content.  The decision to use any or all of this information is
the responsibility of each user or organisation, and should be done so in
accordance with site policies and procedures.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:


If you believe that your system has been compromised, contact AusCERT or
your representative in FIRST (Forum of Incident Response and Security

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business 
                hours which are GMT+10:00 (AEST).  On call after hours 
                for member emergencies only.

Version: 2.6.3i
Charset: noconv
Comment: http://www.auscert.org.au/render.html?it=1967