|
Re: For those Security conscious people running AIX
2002-04-05 11:55:31
Terminal Session Manager according to some obscure HP documentation.
_____________________________
William Mansfield
Senior Consultant
Solution Technology, Inc
Lisa Cabanas <CABANL AT MODOT DOT NET>
Sent by: "ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU>
04/05/2002 10:57 AM
Please respond to "ADSM: Dist Stor Manager"
To: ADSM-L AT VM.MARIST DOT EDU
cc:
Subject: Re: For those Security conscious people running AIX
--duuuhh-- Thanks Justin, I missed that point-- "The tsm family of
commands
commands
(tsm,getty,login)". Anyone have any idea of what tsm means (you know, the
obscure reason it was named tsm-- like AIX means Advanced Interactive
eXecutive?)
lisa
Justin Derrick
<jderrick@CANA To: ADSM-L AT VM.MARIST DOT EDU
DA.COM> cc:
Sent by: Subject: Re: For those
Security conscious people running AIX
"ADSM: Dist
Stor Manager"
<ADSM-L AT VM DOT MAR
IST.EDU>
04/04/2002
07:23 PM
Please respond
to "ADSM: Dist
Stor Manager"
Just to re-iterate...
>I wonder.....do you need to replace the tsm executable in /usr/sbin after
>you update TSM server code??????
No. The 'tsm' in /usr/sbin has nothing to do with Tivoli Storage Manager.
I have absolutely *no* idea why IBM just didn't call it 'login', since
that
what it's linked to. =)
-JD.
> Gabriel Wiley
> Gabriel Wiley
> <wileyg AT US DOT IBM To: ADSM-L AT VM.MARIST
> DOT EDU
> .COM> cc:
> Sent by: Subject: Re: For those
>Security conscious people running AIX
> "ADSM: Dist
> Stor Manager"
> <ADSM-L AT VM DOT MAR
> IST.EDU>
>
>
> 04/04/2002
> 08:19 AM
> Please respond
> to "ADSM: Dist
> Stor Manager"
>
>
>
>
>
>
>Lisa,
>
>I just upgraded another server to ML9 + yesterday..
>
>I ordered the CD(s) in Feb. when they arrived it did not have the
fileset.
>(CD was ML9 as of 02/06/02)
>
>It is an add on if you wish to call it that..
>
>Gabriel C. Wiley
>ADSM/TSM Administrator
>AIX Support
>Phone 1-614-308-6709
>Pager 1-877-489-2867
>Fax 1-614-308-6637
>Cell 1-740-972-6441
>
>Siempre Hay Esperanza
>
>
>
>
> Lisa Cabanas
> <CABANL AT MODOT DOT NET To:
>ADSM-L AT VM.MARIST DOT EDU
> > cc:
> Sent by: "ADSM: Subject: Re: For those
>Security conscious people running AIX
> Dist Stor
> Manager"
> <[email protected]
> .EDU>
>
>
> 04/03/2002 09:07
> AM
> Please respond to
> "ADSM: Dist Stor
> Manager"
>
>
>
>
>
>I think what Justin said about having to do extra steps is right (needing
>additional filesets, specifically)-- I am at ML9, but when I look at the
>levels of the filesets, they are still below what is indicated as being
>unaffected, and the instfix doesn't show that APAR.
>
>bummer.
>
>lisa
>
>
>
> Gabriel Wiley
> <wileyg AT US DOT IBM To: ADSM-L AT VM.MARIST
> DOT EDU
> .COM> cc:
> Sent by: Subject: Re: For those
>Security conscious people running AIX
> "ADSM: Dist
> Stor Manager"
> <ADSM-L AT VM DOT MAR
> IST.EDU>
>
>
> 04/02/2002
> 04:13 PM
> Please respond
> to "ADSM: Dist
> Stor Manager"
>
>
>
>
>
>
>I can't tell you if it was fixed in ML8 we went from ML3 to ML9 overnight
>(or a very long weekend) ..
>
>The security people, waived it in my face the other day and said get it
>fixed.
>
>Since we are at ML9 + there was no need , it was already there.
>
>If you go to the software website it says you need to install 388 or so
>filesets to be legit.. (Wrong not in this env.)
>
>There have been buffer overflow issues in every version of AIX so far..
>
>Problem Summar y
>
> The tsm family of commands (tsm,getty,login) does not
> properly validate the port name entered on the command
>line.
> This can allow unpriviledged users to become root.
>
>
>Gabriel C. Wiley
>ADSM/TSM Administrator
>AIX Support
>Phone 1-614-308-6709
>Pager 1-877-489-2867
>Fax 1-614-308-6637
>Cell 1-740-972-6441
>
>Siempre Hay Esperanza
>
>
>
>|---------+---------------------------->
>| | Justin Derrick |
>| | <jderrick@CANADA.|
>| | COM> |
>| | Sent by: "ADSM: |
>| | Dist Stor |
>| | Manager" |
>| | <[email protected]|
>| | .EDU> |
>| | |
>| | |
>| | 04/02/2002 03:16 |
>| | PM |
>| | Please respond to|
>| | "ADSM: Dist Stor |
>| | Manager" |
>| | |
>|---------+---------------------------->
> >
>
-------------------------------------------------------------------------------
>-----------------------------------------------|
>-----------------------------------------------|
>
>
>
> |
>|
> | To: ADSM-L AT VM.MARIST DOT EDU
>|
> | cc:
>|
> | Subject: Re: For those Security conscious people running AIX
>|
> |
>|
> |
>|
> >
>
-------------------------------------------------------------------------------
>-----------------------------------------------|
>-----------------------------------------------|
>
>
>
>
>
>
>I think I had to install this separately at a client site because it
>required a few steps in order to take proper effect... But to be
>absolutely clear, this isn't Tivoli Storage Manager related. For some
>reason, the 'login' program on AIX is a link (an alias, if you will) to
the
>'tsm' program, which, again, has nothing to do with Tivoli Storage
Manager.
>
>-JD.
>
>>Isn't/Wasn't this taken care of in ML8?
>>
>>
>>
>> Gabriel Wiley
>> <wileyg AT US DOT IBM To: ADSM-L AT VM.MARIST
>> DOT EDU
>> .COM> cc:
>> Sent by: Subject: For those Security
>>conscious people running AIX
>> "ADSM: Dist
>> Stor Manager"
>> <ADSM-L AT VM DOT MAR
>> IST.EDU>
>>
>>
>> 04/02/2002
>> 12:14 PM
>> Please respond
>> to "ADSM: Dist
>> Stor Manager"
>>
>>
>>
>>
>>
>>
>>If you are not aware .. FYI ****
>>
>>SECURITY: MULTIPLE BUFFER OVERFLOW VULNERABILITIES IN TSMLOGIN
>>
>>Created: 01/04/2002 at 03:22 PM
>>
>>
>> Published Date: 01/04/2002
>>
>>
>>
>>
>>
>>
>> OS or Applications Affected: AIX
>>
>> Versions Affected: 4.3
>>
>>
>>
>>
>>
>> Severity: Medium
>>
>>
>>
>>
>>
>> APAR/Patch ID: IY26443
>>
>> Workaround Available?: No
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>Run this command to see if you have it ;
>>
>>instfix -ik IY26443
>>
>> or
>>
>>instfix -ick IY26443
>>
>>Keyword:Fileset:ReqLevel:InstLevel:Status:Abstract
>>Y26443:bos.rte.security:4.3.3.79:4.3.3.79:=:SECURITY: Multiple buffer
>>overflow vulnerabilities in tsmlogin
>>
>>
>>Gabriel C. Wiley
>>ADSM/TSM Administrator
>>AIX Support
>>Phone 1-614-308-6709
>>Pager 1-877-489-2867
>>Fax 1-614-308-6637
>>Cell 1-740-972-6441
>>
>>Siempre Hay Esperanza
|
| <Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: For those Security conscious people running AIX, (continued)
- Re: For those Security conscious people running AIX, Jolley, Bill
- Re: For those Security conscious people running AIX, David Longo
- Re: For those Security conscious people running AIX, Gabriel Wiley
- Re: For those Security conscious people running AIX, Lisa Cabanas
- Re: For those Security conscious people running AIX, Gabriel Wiley
- Re: For those Security conscious people running AIX, Lisa Cabanas
- Re: For those Security conscious people running AIX, Lisa Cabanas
- Re: For those Security conscious people running AIX,
Bill Mansfield <=
- Re: For those Security conscious people running AIX, David Longo
- Re: For those Security conscious people running AIX, Lisa Cabanas
|
|
|
