On 18th.Jan.2001, Ben Greenbaum forwarded this HP security alert :
[edited]
===================< cut >======================
---------- Forwarded message ----------
Date: Thu, 18 Jan 2001 04:02:29 -0800 (PST)
From: IT Resource Center <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Document ID: HPSBUX0101-137
Date Loaded: 20010117
Title: Sec. Vulnerability in Support Tools Manager
----------------------------------------------------------------------
HEWLETT-PACKARD COMPANY SECURITY BULLETIN: #0137, 18 Jan. '01
----------------------------------------------------------------------
ISSUE: HP9000 series 700/800 Support Tools Manager (xstm,cstm,stm)
PLATFORM: HP9000 Series 700 and 800 running HP-UX releases 11.11,
11.00, and 10.20.
POSSIBLE RESULT: Users could cause a Denial of Service (DoS).
===================< cut >======================
HP have been a bit coy about it - does anyone know more detail ?
What kind of denial of service (file overwrite ?) ?
Locally or remotely exploitable ?
Cheers,
Nick
EDS Healthcare, Bristol, UK
