Patch Name: PHNE_22703 Patch Description: s700_800 10.16 cumulative INET services Creation Date: 00/11/13 Post Date: 00/11/14 Hardware Platforms - OS Releases: s700: 10.16 s800: 10.16 Products: N/A Filesets: BLS.MAXSIX InternetSrvcs.INETSVCS-BOOT InternetSrvcs.INETSVCS-RUN BLS.BLS-CORE InternetSrvcs.INET-ENG-A-MAN Automatic Reboot?: Yes Status: General Release Critical: No (superseded patches were critical) PHNE_10153: OTHER A timing problem could occur on receipt of a simultaneous data close and ABORT Path Name: /hp-ux_patches/s700_800/10.X/PHNE_22703 Symptoms: PHNE_22703: ftpd does not function properly. (Port of 10.01 patch PHNE_22058) PHNE_16006: * ftp: problem with passing files. PHNE_14517: Ftp and rlogin do no write valid audit messages when they fail because the host that the commands are being attemped on is not in the Terminal Control Database on the target machine. PHNE_14276: Ftp works incorrectly when logging in with an invalid user. Previous patch did not fix problem correctly. PHNE_14209: Ftp works incorrectly when logging in with an invalid user. PHNE_12869: Unauthorized login, ftp, remsh, and telnet attempts are not audited. Failures during login such as password expirations, account locks, etc. are also not sufficiently audited. PHNE_11752: ftp and xftp are not year 2000 compliant. PHNE_10153: A ftp client could interrupt a data transfer by sending a data close and an ABORT. A timing problem has been observed on the ftpd side. PHNE_9935: When using FTP (non-root/privileged account) the "put" command fails (from a CMW to either a CMW or non-CMW). Defect Description: PHNE_22703: ftpd does not function properly. PHNE_16006: * ftp: problem with passing files. PHNE_14517: Design oversight. PHNE_14276: Further testing revealed that the problem was not fixed. PHNE_14209: This was an oversight. PHNE_12869: Although the necessary info was sent to the syslog, it was not also sent to the audit log. PHNE_11752: the programs were not designed with the year 2000 in mind. PHNE_10153: ftpd has been fixed to handle a simultaneous data close and ABORT appropriately. PHNE_9935: When using FTP (non-root/privileged account) the "put" command fails (from a CMW to either a CMW or non-CMW). SR: 8606142685 8606160774 4701409938 4701373696 5003369611 1653245845 5003386581 1653245852 1653254193 1653232942 4701346098 5003343970 5003344846 5003322867 4701334763 4701346098 Patch Files: /tcb/lib/login /usr/bin/ftp /usr/share/man/man1.Z/ftp.1 /usr/lbin/ftpd /usr/share/man/man1m.Z/ftpd.1m /usr/bin/X11/xftp /usr/lbin/telnetd /usr/lbin/remshd /usr/lbin/rlogind /etc/auth/system/files.fcdb/10.net/m6.fcdb /usr/lib/libm6apps.sl /usr/lib/libm6apps.a what(1) Output: /tcb/lib/login: $Revision: Hewlett-Packard GTL Level mlpmp37 $ $Head er: Hewlett-Packard GTL Release hpux_mlpmp $ $Date: Tue Feb 17 14:25:46PST 1998 $ $Revision: 72.27 $ cmd/login_sec.c, hpux, hpux_mlpmp $Date: 98/03/13 09 :04:38 $ $Revision: 1.2 PATCH_10.16 (PHNE_14 517) $ /usr/bin/ftp: $Revision: Hewlett-Packard GTL Level mlpmp00 $ $Head er: Hewlett-Packard GTL Release hpux_mlpmp $ $Date: Thu Nov 9 16:47:04PST 2000 $ Copyright (c) 1985, 1989 Regents of the University o f California. main.c based on 5.13 (Berkeley) 3/14/89 Revision 1.1.111.1 Fri Nov 10 06:59:11 GMT 2000 services/INETSVCS/ftp/cmds.c, hpux, hpux_mlpmp, 10.1 6-53 $Date: 00/11/09 16:24:47 $ $Revision: 1 .5 PATCH_10.16 (PHNE_16006)$ cmdtab.c 5.9 (Berkeley) 3/21/89 services/INETSVCS/ftp/ftp.c, hpux, hpux_mlpmp, 10.16 -53 $Date: 00/11/09 16:28:39 $ $Revision: 1. 2 PATCH_10.16 (PHNE_12869) $ glob.c 5.7 (Berkeley) 12/14/88 domacro.c 1.6 (Berkeley) 2/28/89 /usr/share/man/man1.Z/ftp.1: None /usr/lbin/ftpd: $Revision: Hewlett-Packard GTL Level mlpmp00 $ $Head er: Hewlett-Packard GTL Release hpux_mlpmp $ $Date: Thu Nov 9 16:47:04PST 2000 $ Copyright (c) 1985, 1988 Regents of the University o f California. services/INETSVCS/ftpd/ftpd.c, hpux, hpux_mlpmp, 10. 16-53 $Date: 00/11/09 16:28:06 $ $Revision: 1.4 PATCH_10.16 (PHNE_22703) $ Revision 1.7.112.3 Fri Nov 10 06:59:38 GMT 2000 ftpcmd.y 5.20 (Berkeley) 2/28/89 glob.c 5.7 (Berkeley) 12/14/88 popen.c 5.7 (Berkeley) 2/14/89 logwtmp.c 5.2 (Berkeley) 9/22/88 /usr/share/man/man1m.Z/ftpd.1m: None /usr/bin/X11/xftp: $Revision: SecureWare Level mlpmp37 $ $Header: Secur eWare Release hpux_mlpmp $ $Date: Mon Oct 6 16:41:38 PDT 1997 $ xftp Version 2.7 xftp.c $Date: 95/04/24 13:41:49 $ $Revision: 1.1.2 10.3 $ services/INETSVCS/xftp/cmds.c, hpux, hpux_mlpmp $Dat e: 97/10/30 12:11:50 $ $Revision: 1.3 PATCH_ 10.16 (PHNE_12869) $ services/INETSVCS/xftp/ftp.c, hpuxcmdnet, hpux_mlpmp , mlpmp27 $Date: 97/05/16 13:27:58 $ $Revisi on: 1.6 PATCH_10.16 (PHNE_9935) $ ftp.c $Date: 94/04/18 10:15:31 $ $Revision: 1.1.2 10.1 $ glob.c 5.7 (Berkeley) 12/14/88 cmdtab.c $Date: 94/04/18 10:15:29 $ $Revision: 1.1.2 10.1 $ /usr/lbin/telnetd: $Revision: SecureWare Level mlpmp37 $ $Header: Secur eWare Release hpux_mlpmp $ $Date: Mon Oct 6 16:41:38 PDT 1997 $ Copyright (c) 1983, 1986 Regents of the University o f California. telnetd.c, hpux, hpux_mlpmp $Date: 97/10/24 15:50:38 $ $Revision: 1.2 PATCH_10.16 (PHNE_12869) $ /usr/lbin/remshd: $Revision: SecureWare Level mlpmp37 $ $Header: Secur eWare Release hpux_mlpmp $ $Date: Mon Oct 6 16:41:38 PDT 1997 $ Copyright (c) 1983, 1988 The Regents of the Universi ty of California. remshd.c, hpux, hpux_mlpmp $Date: 97/10/24 07:35:42 $ $Revision: 1.3 PATCH_10.16 (PHNE_12869) $ rshd.c 5.17.1.2 (Berkeley) 2/7/89 remshd.c $Revision: 1.33.110.8 $ /usr/lbin/rlogind: $Revision: SecureWare Level mlpmp37 $ $Header: Secur eWare Release hpux_mlpmp $ $Date: Mon Oct 6 16:41:38 PDT 1997 $ Copyright (c) 1983, 1988 The Regents of the Universi ty of California. rlogind.c, hpux, hpux_mlpmp $Date: 97/10/24 14:27:22 $ $Revision: 1.2 PATCH_10.16 (PHNE_12869) $ /etc/auth/system/files.fcdb/10.net/m6.fcdb: m6.fcdb, hpux, hpux_mlpmp $Date: 97/10/13 14:43:32 $ $Revision: 1.2 PATCH_10.16 (PHNE_12869) $ /usr/lib/libm6apps.sl: $Revision: Hewlett-Packard GTL Level mlpmp37 $ $Head er: Hewlett-Packard GTL Release hpux_mlpmp $ $Date: Tue Feb 17 14:25:46PST 1998 $ lib/libm6apps/m6apps.c, hpux, hpux_mlpmp $Date: 98/0 2/24 07:15:45 $ $Revision: 1.3 PATCH_10.16 ( PHNE_14276) $ /usr/lib/libm6apps.a: $Revision: Hewlett-Packard GTL Level mlpmp37 $ $Head er: Hewlett-Packard GTL Release hpux_mlpmp $ $Date: Tue Feb 17 14:25:46PST 1998 $ lib/libm6apps/m6apps.c, hpux, hpux_mlpmp $Date: 98/0 2/24 07:15:45 $ $Revision: 1.3 PATCH_10.16 ( PHNE_14276) $ cksum(1) Output: 1022216703 61440 /tcb/lib/login 1781924922 94208 /usr/bin/ftp 1081446257 12647 /usr/share/man/man1.Z/ftp.1 2047772126 90112 /usr/lbin/ftpd 1921419376 9615 /usr/share/man/man1m.Z/ftpd.1m 3979884118 393216 /usr/bin/X11/xftp 702503277 45056 /usr/lbin/telnetd 2692576428 20480 /usr/lbin/remshd 3826741231 28672 /usr/lbin/rlogind 2478822145 17882 /etc/auth/system/files.fcdb/10.net/m6.fcdb 1298656896 32768 /usr/lib/libm6apps.sl 3007845179 24464 /usr/lib/libm6apps.a Patch Conflicts: None Patch Dependencies: None Hardware Dependencies: None Other Dependencies: None Supersedes: PHNE_9935 PHNE_10153 PHNE_11752 PHNE_12869 PHNE_14209 PHNE_14276 PHNE_14517 PHNE_16006 Equivalent Patches: None Patch Package Size: 880 KBytes Installation Instructions: Please review all instructions and the Hewlett-Packard SupportLine User Guide or your Hewlett-Packard support terms and conditions for precautions, scope of license, restrictions, and, limitation of liability and warranties, before installing this patch. ------------------------------------------------------------ 1. Back up your system before installing a patch. 2. Login as root. 3. Copy the patch to the /tmp directory. 4. Move to the /tmp directory and unshar the patch: cd /tmp sh PHNE_22703 5a. For a standalone system, run swinstall to install the patch: swinstall -x autoreboot=true -x match_target=true \ -s /tmp/PHNE_22703.depot By default swinstall will archive the original software in /var/adm/sw/patch/PHNE_22703. If you do not wish to retain a copy of the original software, you can create an empty file named /var/adm/sw/patch/PATCH_NOSAVE. WARNING: If this file exists when a patch is installed, the patch cannot be deinstalled. Please be careful when using this feature. It is recommended that you move the PHNE_22703.text file to /var/adm/sw/patch for future reference. To put this patch on a magnetic tape and install from the tape drive, use the command: dd if=/tmp/PHNE_22703.depot of=/dev/rmt/0m bs=2k Special Installation Instructions: None