New Version Insight Manager Web Agent for Compaq Tru64 UNIX V4.0F
TITLE: New Version Insight Manager Web Agent for Compaq Tru64 UNIX V4.0F
* No Restrictions For Distribution *
______________________________________________________________
UPDATE: JUNE 11, 1999
TITLE: New Version of the Insight Manager Web Agent
for Compaq's Tru64/Digital UNIX V4.0f
Cross-Ref: "Compaq Management Agents Security Advisory"
Located at http://www.compaq.com/sysmanage
SOURCE: Compaq Computer Corporation
Software Security Response Team
"Compaq is broadly distributing this Security Advisory in order
to bring to the attention of users of Compaq products the
important security information contained in this Advisory.
Compaq recommends that all users determine the applicability of
this information to their individual situations and take
appropriate action.
Compaq does not warrant that this information is necessarily
accurate or complete for all user situations and, consequently,
Compaq will not be responsible for any damages resulting from
user's use or disregard of the information provided in this
Advisory."
----------------------------------------------------------------------
IMPACT:
This patch fixes a potential security vulnerability in the web-enabling
portion of the Compaq Insight Management Agents for Tru64 UNIX. This
security vulnerability may allow read access to files whose location and
filename are known and located on the same file system where the agents
are installed.
*Compaq Management Agents for Compaq OpenVMS are not affected in any way.
----------------------------------------------------------------------
RESOLUTION:
This potential security vulnerability has been resolved and a patch for
this problem has been made available for Tru64/DIGITAL UNIX V4.0f with
or without Patch Kit 1.
*This solution will be included in future distributed releases of
Compaq's DIGITAL UNIX.
This patch may be obtained from the World Wide Web at the following
FTP address:
http://www.support.compaq.com/patches
Patch file name: SSRT0612U_im_upd06991.tar
Use the FTP access option via browse patch tree,
select DIGITAL_UNIX directory then choose the appropriate
version directory and download the patch accordingly.
Note:
There is a README file with this patch: SSRT0612U_im_upd06991_cvrlet.txt
Additional Considerations:
If you need further information, please contact your normal
Compaq Services support channel.
Compaq appreciates your cooperation and patience. We regret any
inconvenience applying this information may cause.
As always, Compaq urges you to periodically review your system
management and security procedures.
Compaq will continue to review and enhance the security
features of its products and work with customers to maintain and
improve the security and integrity of their systems.
______________________________________________________________
Copyright (c) Compaq Computer Corporation, 1999 All
Rights Reserved.
Unpublished Rights Reserved Under The Copyright Laws Of
The United States.
______________________________________________________________
This patch can be found at any of these sites:
Colorado Site
Georgia Site
Files on this server are as follows:
ssrt0612u_im_upd06991.README
ssrt0612u_im_upd06991.CHKSUM
ssrt0612u_im_upd06991.CVRLET_TXT
ssrt0612u_im_upd06991.tar
ssrt0612u_im_upd06991.CVRLET_TXT
|