Return-Path: owner-fw-announce@firewall.gr.jp
To: fw-announce@firewall.gr.jp
Subject: [fw-announce:342] SSRT0614U_RPC_CMSD Potential Security Problem When Using rpc.cmsd
From: SAKAI Yoriyuki <sakai@lac.co.jp>
Message-Id: <199911040843.BBD70035.BTJLB@lac.co.jp>
X-Mailer: Winbiff [Version 2.20 PL4]
Date: Thu, 4 Nov 1999 08:43:17 +0900
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-fw-announce@firewall.gr.jp
Reply-To: fw-announce@firewall.gr.jp
X-Ml-Name: fw-announce
X-Ml-Count: 342
X-Sequence: fw-announce 342
Delivered-To: mailing list fw-announce@firewall.gr.jp
X-Delivered-To: mailing list fw-announce@firewall.gr.jp
X-Ml-Info: If you have a question, send a mail with the body "help" (without quotes) to the address majordomo@firewall.gr.jp
Precedence: bulk

TITLE: SSRT0614U_RPC_CMSD Potential Security Problem When Using rpc.cmsd
 
Copyright (c) Compaq Computer Corporation 1999.  All rights reserved.


                      * No Restrictions For Distribution *
   
______________________________________________________________
UPDATE:                                         November 2, 1999
 
  TITLE: Potential Security Problem when using rpc.cmsd 
  (calendar manager). CERT Advisory CA-99-08  

  SOURCE: Compaq Computer Corporation
          Software Security Response Team 
 
 "Compaq is broadly distributing this Security Advisory in order
 to bring to the attention of users of Compaq products the
 important security information contained in this Advisory. 
 Compaq recommends that all users determine the applicability of
 this information to their individual situations and take
 appropriate action.
 
 Compaq does not warrant that this information is necessarily
 accurate or complete for all user situations and,   consequently,
 Compaq will not be responsible for any damages resulting from
 user's use or disregard of the information provided in this
 Advisory."
 
----------------------------------------------------------------------
IMPACT:
                                                                       
 This fix was implemented in response to the recent posting of
 the CERT CA-99-08-cmsd advisory.
 
----------------------------------------------------------------------
RESOLUTION:
 
 This potential security problem has been resolved and a
 patch for this problem has been made available for 
 Tru64 UNIX V4.0D, V4.0E and V4.0F.

 This patch can be installed on:
 V4.0D  Patch kit BL11 or BL12.
 V4.0E  Patch kit BL1 or BL12.
 V4.0F  Patch kit BL1. 

 *This solution will be included in a future distributed release of 
  Compaq's DIGITAL UNIX. 
 
 
  This patch may be obtained from the World Wide Web at the
  following FTP address:
 
       http://www.service.digital.com/patches
 
 Patch file name: SSRT0614U_rpc.cmsd.tar
 
 Use the FTP access option, select DIGITAL_UNIX directory
 then choose the appropriate version directory and
 download the patch accordingly. 
 
 Note:  There is a README file included with this patch, which
        contains installation instructions.

 Additional Considerations:
 
   If you need further information, please contact your normal 
   Compaq Services support channel.
 
   Compaq appreciates your cooperation and patience. We regret any
   inconvenience applying this information may cause.
 
   As always, Compaq urges you to periodically review your system
   management and security procedures. 
 
   Compaq will continue to review and enhance the security
   features of its products and work with customers to maintain and
   improve the security and integrity of their systems.
 ______________________________________________________________  
  Copyright (c) Compaq Computer Corporation, 1999 All
  Rights Reserved.
  Unpublished Rights Reserved Under The Copyright Laws Of
  The United States.
  ______________________________________________________________