PING : OPENVIEW OMNIBACK II VULNERABILITY : BACKGROUND
|
SECURITY VULNERABILITY WITH HP OPENVIEW OMNIBACK II A. Background B. Fixing the problem C. Recommendations D. Subscribe to receive future HP Security Bulletins E. Report new security vulnerabilities |
Hewlett-Packard has learned that the HP OpenView OmniBack II product (OB) has defects that allow users to gain additional privileges. The OB program runs native on HP-UX yet also executes on other platforms as noted below. Updated binaries have been produced for those products and should be retrieved and installed.
OB provides Server support of HP9000 Series 700/800 with HP-UX and PC with Windows NT.
OB provides client support of HP9000 Series 700/800 running HP-UX, SunSparc running Solaris, SunSparc running SunOS, RS/6000 running AIX, Novell, PCs running Windows 95, PCs running NT, SNI running Sinix, SGI IRIX (only EFS and XFS filesystems) and Digital Unix.
The following versions of OB are affected on all supported platforms: OB 2.10 / OB 2.30 / OB 2.55.
NOTE: OB 2.50 is no longer supported.
