Patch Name: PHNE_14517 Patch Description: s700_800 10.16 upgraded audit INET services Creation Date: 98/03/12 Post Date: 98/03/20 Hardware Platforms - OS Releases: s700: 10.16 s800: 10.16 Products: N/A Filesets: BLS.MAXSIX InternetSrvcs.INETSVCS-BOOT InternetSrvcs.INETSVCS-RUN BLS.BLS-CORE InternetSrvcs.INET-ENG-A-MAN Automatic Reboot?: Yes Status: General Superseded Critical: No (superseded patches were critical) PHNE_10153: OTHER A timing problem could occur on receipt of a simultaneous data close and ABORT Path Name: /hp-ux_patches/s700_800/10.X/PHNE_14517 Symptoms: PHNE_14517: Ftp and rlogin do no write valid audit messages when they fail because the host that the commands are being attemped on is not in the Terminal Control Database on the target machine. PHNE_14276: Ftp works incorrectly when logging in with an invalid user. Previous patch did not fix problem correctly. PHNE_14209: Ftp works incorrectly when logging in with an invalid user. PHNE_12869: Unauthorized login, ftp, remsh, and telnet attempts are not audited. Failures during login such as password expirations, account locks, etc. are also not sufficiently audited. PHNE_11752: ftp and xftp are not year 2000 compliant. PHNE_10153: A ftp client could interrupt a data transfer by sending a data close and an ABORT. A timing problem has been observed on the ftpd side. PHNE_9935: When using FTP (non-root/privileged account) the "put" command fails (from a CMW to either a CMW or non-CMW). Defect Description: PHNE_14517: Design oversight. PHNE_14276: Further testing revealed that the problem was not fixed. PHNE_14209: This was an oversight. PHNE_12869: Although the necessary info was sent to the syslog, it was not also sent to the audit log. PHNE_11752: the programs were not designed with the year 2000 in mind. PHNE_10153: ftpd has been fixed to handle a simultaneous data close and ABORT appropriately. PHNE_9935: When using FTP (non-root/privileged account) the "put" command fails (from a CMW to either a CMW or non-CMW). SR: 4701346098 Patch Files: /tcb/lib/login /usr/bin/ftp /usr/share/man/man1.Z/ftp.1 /usr/lbin/ftpd /usr/share/man/man1m.Z/ftpd.1m /usr/bin/X11/xftp /usr/lbin/telnetd /usr/lbin/remshd /usr/lbin/rlogind /etc/auth/system/files.fcdb/10.net/m6.fcdb /usr/lib/libm6apps.sl /usr/lib/libm6apps.a what(1) Output: /tcb/lib/login: $Revision: Hewlett-Packard GTL Level mlpmp37 $ $Head er: Hewlett-Packard GTL Release hpux_mlpmp $ $Date: Tue Feb 17 14:25:46 PST 1998 $ $Revision: 72.27 $ cmd/login_sec.c, hpux, hpux_mlpmp $Date: 98/03/12 11 :11:08 $ $Revision: 1.2 PATCH_10.16 (PHNE_14 517) $ /usr/bin/ftp: $Revision: SecureWare Level mlpmp37 $ $Header: Secur eWare Release hpux_mlpmp $ $Date: Mon Oct 6 16:41:38 PDT 1997 $ Copyright (c) 1985, 1989 Regents of the University o f California. main.c based on 5.13 (Berkeley) 3/14/89 Revision 1.1.111.1 Thu Oct 30 19:07:29 GMT 1997 services/INETSVCS/ftp/cmds.c, hpux, hpux_mlpmp $Date : 97/10/30 11:04:17 $ $Revision: 1.3 PATCH_1 0.16 (PHNE_12869) $ cmdtab.c 5.9 (Berkeley) 3/21/89 services/INETSVCS/ftp/ftp.c, hpux, hpux_mlpmp $Date: 97/10/30 11:04:04 $ $Revision: 1.2 PATCH_10 .16 (PHNE_12869) $ glob.c 5.7 (Berkeley) 12/14/88 domacro.c 1.6 (Berkeley) 2/28/89 /usr/share/man/man1.Z/ftp.1: None /usr/lbin/ftpd: $Revision: Hewlett-Packard GTL Level mlpmp37 $ $Head er: Hewlett-Packard GTL Release hpux_mlpmp $ $Date: Tue Feb 17 14:25:46 PST 1998 $ Copyright (c) 1985, 1988 Regents of the University o f California. services/INETSVCS/ftpd/ftpd.c, hpux, hpux_mlpmp $Dat e: 98/03/12 11:47:07 $ $Revision: 1.3 PATCH_ 10.16 (PHNE_14517) $ Revision 1.7.112.3 Thu Mar 12 19:49:55 GMT 1998 ftpcmd.y 5.20 (Berkeley) 2/28/89 glob.c 5.7 (Berkeley) 12/14/88 popen.c 5.7 (Berkeley) 2/14/89 logwtmp.c 5.2 (Berkeley) 9/22/88 /usr/share/man/man1m.Z/ftpd.1m: None /usr/bin/X11/xftp: $Revision: SecureWare Level mlpmp37 $ $Header: Secur eWare Release hpux_mlpmp $ $Date: Mon Oct 6 16:41:38 PDT 1997 $ xftp Version 2.7 xftp.c $Date: 95/04/24 13:41:49 $ $Revision: 1.1.2 10.3 $ services/INETSVCS/xftp/cmds.c, hpux, hpux_mlpmp $Dat e: 97/10/30 12:11:50 $ $Revision: 1.3 PATCH_ 10.16 (PHNE_12869) $ services/INETSVCS/xftp/ftp.c, hpuxcmdnet, hpux_mlpmp , mlpmp27 $Date: 97/05/16 13:27:58 $ $Revisi on: 1.6 PATCH_10.16 (PHNE_9935) $ ftp.c $Date: 94/04/18 10:15:31 $ $Revision: 1.1.2 10.1 $ glob.c 5.7 (Berkeley) 12/14/88 cmdtab.c $Date: 94/04/18 10:15:29 $ $Revision: 1.1.2 10.1 $ /usr/lbin/telnetd: $Revision: SecureWare Level mlpmp37 $ $Header: Secur eWare Release hpux_mlpmp $ $Date: Mon Oct 6 16:41:38 PDT 1997 $ Copyright (c) 1983, 1986 Regents of the University o f California. telnetd.c, hpux, hpux_mlpmp $Date: 97/10/24 15:50:38 $ $Revision: 1.2 PATCH_10.16 (PHNE_12869) $ /usr/lbin/remshd: $Revision: SecureWare Level mlpmp37 $ $Header: Secur eWare Release hpux_mlpmp $ $Date: Mon Oct 6 16:41:38 PDT 1997 $ Copyright (c) 1983, 1988 The Regents of the Universi ty of California. remshd.c, hpux, hpux_mlpmp $Date: 97/10/24 07:35:42 $ $Revision: 1.3 PATCH_10.16 (PHNE_12869) $ rshd.c 5.17.1.2 (Berkeley) 2/7/89 remshd.c $Revision: 1.33.110.8 $ /usr/lbin/rlogind: $Revision: SecureWare Level mlpmp37 $ $Header: Secur eWare Release hpux_mlpmp $ $Date: Mon Oct 6 16:41:38 PDT 1997 $ Copyright (c) 1983, 1988 The Regents of the Universi ty of California. rlogind.c, hpux, hpux_mlpmp $Date: 97/10/24 14:27:22 $ $Revision: 1.2 PATCH_10.16 (PHNE_12869) $ /etc/auth/system/files.fcdb/10.net/m6.fcdb: m6.fcdb, hpux, hpux_mlpmp $Date: 97/10/13 14:43:32 $ $Revision: 1.2 PATCH_10.16 (PHNE_12869) $ /usr/lib/libm6apps.sl: $Revision: Hewlett-Packard GTL Level mlpmp37 $ $Head er: Hewlett-Packard GTL Release hpux_mlpmp $ $Date: Tue Feb 17 14:25:46 PST 1998 $ lib/libm6apps/m6apps.c, hpux, hpux_mlpmp $Date: 98/0 2/24 07:15:45 $ $Revision: 1.3 PATCH_10.16 ( PHNE_14276) $ /usr/lib/libm6apps.a: $Revision: Hewlett-Packard GTL Level mlpmp37 $ $Head er: Hewlett-Packard GTL Release hpux_mlpmp $ $Date: Tue Feb 17 14:25:46 PST 1998 $ lib/libm6apps/m6apps.c, hpux, hpux_mlpmp $Date: 98/0 2/24 07:15:45 $ $Revision: 1.3 PATCH_10.16 ( PHNE_14276) $ cksum(1) Output: 819877176 57344 /tcb/lib/login 3179829511 94208 /usr/bin/ftp 1081446257 12647 /usr/share/man/man1.Z/ftp.1 1202749639 90112 /usr/lbin/ftpd 1921419376 9615 /usr/share/man/man1m.Z/ftpd.1m 3979884118 393216 /usr/bin/X11/xftp 2692576428 20480 /usr/lbin/remshd 3826741231 28672 /usr/lbin/rlogind 702503277 45056 /usr/lbin/telnetd 2478822145 17882 /etc/auth/system/files.fcdb/10.net/m6.fcdb 1298656896 32768 /usr/lib/libm6apps.sl 3007845179 24464 /usr/lib/libm6apps.a Patch Conflicts: None Patch Dependencies: None Hardware Dependencies: None Other Dependencies: None Supersedes: PHNE_9935 PHNE_10153 PHNE_11752 PHNE_12869 PHNE_14209 PHNE_14276 Equivalent Patches: None Patch Package Size: 870 KBytes Installation Instructions: Please review all instructions and the Hewlett-Packard SupportLine User Guide or your Hewlett-Packard support terms and conditions for precautions, scope of license, restrictions, and, limitation of liability and warranties, before installing this patch. ------------------------------------------------------------ 1. Back up your system before installing a patch. 2. Login as root. 3. Copy the patch to the /tmp directory. 4. Move to the /tmp directory and unshar the patch: cd /tmp sh PHNE_14517 5a. For a standalone system, run swinstall to install the patch: swinstall -x autoreboot=true -x match_target=true \ -s /tmp/PHNE_14517.depot 5b. For a homogeneous NFS Diskless cluster run swcluster on the server to install the patch on the server and the clients: swcluster -i -b This will invoke swcluster in the interactive mode and force all clients to be shut down. WARNING: All cluster clients must be shut down prior to the patch installation. Installing the patch while the clients are booted is unsupported and can lead to serious problems. The swcluster command will invoke an swinstall session in which you must specify: alternate root path - default is /export/shared_root/OS_700 source depot path - /tmp/PHNE_14517.depot To complete the installation, select the patch by choosing "Actions -> Match What Target Has" and then "Actions -> Install" from the Menubar. 5c. For a heterogeneous NFS Diskless cluster: - run swinstall on the server as in step 5a to install the patch on the cluster server. - run swcluster on the server as in step 5b to install the patch on the cluster clients. By default swinstall will archive the original software in /var/adm/sw/patch/PHNE_14517. If you do not wish to retain a copy of the original software, you can create an empty file named /var/adm/sw/patch/PATCH_NOSAVE. Warning: If this file exists when a patch is installed, the patch cannot be deinstalled. Please be careful when using this feature. It is recommended that you move the PHNE_14517.text file to /var/adm/sw/patch for future reference. To put this patch on a magnetic tape and install from the tape drive, use the command: dd if=/tmp/PHNE_14517.depot of=/dev/rmt/0m bs=2k Special Installation Instructions: None