|
|
A rare security bug
in DEBUG can put 3000s at risk
While HP routinely
transmits several security bulletins a month about holes in HP UX,
it’s been more than a year since anybody found one in the HP 3000
operating system. At presstime HP was telling its customers about a problem
with the way DEBUG handles commands. By twiddling with the DEBUG utility,
users can gain increased privileges on HP 3000s, giving them access to
god-like capabilities on the systems. The problem affects all HP 3000
systems running MPE/iX 5.0 and MPE/iX 5.5 releases of the operating system
only. HP says the problem does not exist with release MPE/iX 6.0 systems.
To solve the problem and close the security hole, customers need to install
one of two patches, available from the Electronic Support Center: for
MPE/iX 5.0, MPEKXM1A, and for MPE/iX 5.5, MPEKXM1B.
Copyright The 3000 NewsWire. All
rights reserved |
|
