Internet security software downloads

»

HP Tru64 UNIX

Tru64 UNIX

» Tru64 UNIX V5.1B-6
» Tru64 UNIX V5.1B-5
» Documentation
» Information library
» Software web index
» Software products library
» Patch database
» Services
» Developer & Solution Partner Program
» Send us your comments
» Support Statements

Evolving business value

» Tru64 UNIX to HP-UX 11i transition benefits calculator
» Alpha RetainTrust Program
» Transition

Related links

» Alpha systems
» HP-UX 11i
» Integrity servers
» Linux
» HP storage
» HP solutions
HP-UX 11i: measurably better TCO!

» Overview

Downloads

» Best practices

» Services

» Partners

Additional security software                                                                   Year 2005 2004, 2003

» cchwtest
» Common Data Security Architecture
» dirclean
» IPsec
» SSH

» Non-security related Early Release Patches (ERPs)

To access most patch links on this page, please register on the HP IT Resource Center website. Registration is free.

Security advisories and associated patches - 2003   

Problem description Security patch kit for affected OS/Patch Kit or product Last update Summary Cross-reference Fixed in next mainstream patch kit
SSRT3624 V5.1A,B
MTA V3.1

V5.1A,B
MTA V3.0

V4.0F,G
MTA V2.0C  
22-Dec-03 Tru64 UNIX MailBus X.400
Potential Buffer Overflow
 

Reboot
Required: No

VU#927278
 
Product is part of  the Tru64 UNIX SDK. It is not included in the OS patch kits.
SSRT3622 V5.1B PK3

Note:
This patch kit is a dual base level install kit designed for systems with either 5.1B PK3 or PK2 installed.

Internet Express (IX)

Insight Management Agents (IMA)

18-Dec-03 TLS/SSL
Potential
Denial of Service
or Unauthorized Access

Reboot
Required: Yes

CA-2003-26

Specifically:
 
CAN-2003-0543
CAN-2003-0544
CAN-2003-0545
NISCC 006489
5.1B PK4

Internet Express(IX) V6.2

Insight Management Agents(IMA) Patch kit
V3.2.1
SSRT3629A/B V5.1B PK2/PK3
SSH

V5.1B PK2/PK3
IPSec

V5.1A
SSH

V5.1A
IPSec

 

10-Dec-03 IPSec/SSH
Potential
Denial of Service
or Unauthorized Access

Reboot
Required: Yes

 

  5.1B PK4
 

5.1A kits are available via Web page download.

SSRT3657 V5.1 PK6 03-Dec-03 5.1 PK6 libdthelp

Potential Security Vulnerability

Reboot
Required: Yes
 

VU#575804 Affects only 5.1 PK6 which has no future aggregate patch kit
SSRT3653 V5.1B PK3
V5.1B PK2
V5.1A PK6
V5.1A PK5
V5.1 PK6
V4.0G PK4
V4.0F PK8
02-Dec-03

Updated:
05-Aug-04

BIND v8
Potential Security Vulnerabilities

Note:
(Update of 05-Aug-04)
The 5.1A PK6 kit has been rekitted to allow installation on NDH7

Note: The 5.1 PK6 patch kit supercedes the BIND v8 corrections in SSRT2275,2229.

Reboot
Required: No

VU#734644 5.1B PK4
5.1A PK7
SSRT2405a V4.0G PK4
V4.0F PK8
27-Oct-03 dtprintinfo  Potential Security Vulnerabilities

Reboot
Required: Yes

VU#860296 SSRT2405
 

 

Only affects 4.0G PK4 and 4.0F PK8.

No future patch kits are planned for these releases.

SSRT3589 V5.1BPK2
5.1A PK5
V5.1APK4
V5.1 PK6
V4.0G PK4
V4.0F PK8
06-Oct-03 dtmailpr
Potential Security Vulnerability

Reboot
Required: No

  5.1B PK3
5.1A PK6
SSRT3631 V5.1B PK3
V5.1B PK2
V5.1A PK5
V5.1A PK4
V5.1 PK6
V4.0G PK4
V4.0G PK3
V4.0F PK8
V4.0F PK7

Also all
Internet Express (IX)sendmail kits are affected. See the Security
Bulletin for specific kit locations.

27-Oct-03 Sendmail  Potential Security Vulnerability

**These patch kits supercede SSRT3612 and SSRT3531

Reboot
Required: No

 

 

CA-2003-25

 

5.1B PK4
5.1A PK6

Internet Express (IX) V6.2

SSRT3612
 

*This patch is
superceded by the SSRT3631 patch

IX sendmail 8.12.9

Affected versions: v8.12.0 through v8.12.8

09-Sep-03 Potential Security Vulnerability in Internet Express (IX) sendmail

Reboot
Required: No

 

VU#993452

Sendmail.Org

 
Internet Express (IX) V6.2
SSRT3507

V5.1B PK2
V5.1A PK5
V5.1A PK4
V5.1 PK6
V4.0G PK4
V4.0F PK8

08-Sep-03 Potential Security Vulnerability in dtterm

Reboot
Required: Yes




 

CAN-2003-0064 5.1B PK3
5.1A PK6
SSRT3606

Internet Express
wu-ftpd v2.6.2(1)
   
Affected versions: v2.5.0 through v2.6.2

26-Aug-03 Potential Security Vulnerability in Internet Express
wu-ftpd
 

Reboot
Required: No

 

  Internet Express (IX) V6.2
SSRT3588

V5.1B
(all patch kit levels)

V5.1A
(all patch kit levels)


25-Aug-03 Potential Security Vulnerability in ssh

Reboot
Required: No

Daemon restart required.

  5.1B PK4*

*Workaround Only for current versions of 5.1B.    

Updated ssh available for 5.1A.

SSRT2373 SSRT2374
SSRT2405
SRT2415
SSRT2416

V5.1B PK1
V5.1A PK4
V5.1 PK6

1-Jun-03 Potential CDE Buffer Overflows

Reboot
Required: Yes

  5.1B PK2
5.1A PK5
SSRT3518

V5.1B
(all patch kit levels)
V5.1A with IPsec webkit applied
(all patch kit levels)

1-May-03 Potential Vulnerability in
CDSA and IPsec

Reboot
Required: N/A

CERT Vulnerability
Note VU#997481
5.1B PK4

Workaround Only for current versions.         
SSRT3471

V5.1B PK1 and earlier
V5.1A
PK4 and earlier
V5.1
PK6 and earlier
V5.0A
PK3 and earlier
V4.0G
PK3 and earlier
V4.0F
PK7 and earlier

28-Apr-03 Potential Security
Vulnerability in Software Installation and Update Utilities

Reboot
Required: N/A

 

Not in a future mainstream patch kit. 

Procedural workaround only.          
SSRT3533 V5.1B PK1 22-Apr-03 Cluster Alias/NFS Potential Security Vulnerability

Reboot
Required: Yes

 

5.1B PK2
SSRT3498

V5.1B PK1
V5.1A PK4
V5.1 PK6
V4.0G PK3
V4.0F PK7

17-Apr-03 screend Potential Security
Vulnerability

Reboot
Required: Yes

 

5.1B PK3
5.1A PK5
SSRT3531

*This patch is
superceded by the SSRT3631 patch

V5.1B PK1
V5.1A PK4
V5.1 PK6
V4.0G PK3
V4.0F PK7
3-Apr-03 HP Tru64 UNIX sendmail buffer overflow Potential Security Vulnerability

**This patch Supercedes SSRT3469.

Reboot
Required: No

CERT Advisory CA-2003-12 5.1B  PK2
5.1A  PK5
4.0G  PK4
4.0F  PK8
SSRT2275,2229 V5.1A PK3
V5.1A PK2
V5.1 PK6
V5.1 PK5
V5.0A PK3
V4.0G PK3
V4.0F PK7
1-Apr-03 Potential Security Vulnerability Patches

Reboot
Required: Yes

CERT Advisory
CA-2002-19

CERT Advisory
CA-2002-20

CERT Advisory
CA-2002-23

CERT Advisory
CA-2002-25

5.1A  PK4
4.0G  PK4
4.0F  PK8
SSRT2322, 2341, 2384, 2412, 2439 V5.1B PK1
V5.1A PK4
V5.1 PK6
V4.0G PK3
V4.0F PK7
1-Apr-03 HP Tru64 UNIX Potential libc Security Vulnerabilities

Reboot
Required: Yes

 

CERT Vulnerability Note VU#516825

CERT Vulnerability Note VU#738331

CERT Vulnerability Note VU#266817

5.1B  PK2
5.1A  PK5
4.0G  PK4
4.0F  PK8
SSRT0845U V5.1A PK3
V5.1 PK6
V5.1 PK5
V5.0A PK3
V4.0G PK3
V4.0F PK7
12-Mar-03 stdio
Potential Security Vulnerability 

Reboot
Required: Yes

CERT Vulnerability Note VU#809347 5.1A  PK4
4.0G  PK4
4.0F  PK8
SSRT2339,2368 V5.1A PK3
V5.1 PK6
V5.1 PK5
V5.0A PK3
V4.0G PK3
V4.0F PK7
6-Mar-03 Potential Security Vulnerability ypxfrd, ypserv

 

Reboot
Required: No

  5.1A  PK4
4.0G  PK4
4.0F  PK8
SSRT2266 V5.1A PK3
V5.1 PK6
V5.1 PK5
V5.0A PK3
V4.0G PK3
V4.0F PK7
6-Mar-03 HP Tru64 UNIX IGMP Potential DoS Security Vulnerability

Reboot
Required: Yes

  5.1A  PK4
4.0G  PK4
4.0F  PK8
SSRT2265

V5.1A PK3
V5.1 PK6
V5.1 PK5
V5.0A PK3

6-Mar-03 HP TruCluster Server Interconnect Potential Security Vulnerability

Reboot
Required: Yes

CVE CAN-20002-0711 5.1A PK4
SSRT2208 V5.1A PK3
V5.1 PK6
V5.1 PK5
V5.0A PK3
V4.0G PK3
V4.0F PK7
6-Mar-03 /usr/sbin/routed Potential Security Vulnerability

Reboot
Required: Yes

  5.1A  PK4
4.0G  PK4
4.0F  PK8
SSRT2408, 2410, 2411

V5.1B PK1
V5.1A PK4
V5.1A PK3
V5.1 PK6
V5.1 PK5
V5.0A PK3
V4.0G PK3
V4.0F PK7

5-Mar-03 HP Tru64 UNIX Potential BIND Security Vulnerabilities

Reboot
Required: No

CERT Advisory CA-2002-31

CERT Vulnerability Note VU#852283

CERT Vulnerability Note VU#229595

CERT Vulnerability Note VU#581682

5.1B  PK2
5.1A  PK5
4.0G  PK4
4.0F  PK8
SSRT2301 V5.1A PK3
V5.1 PK6
V5.1 PK5
V5.0A PK3
V4.0G PK3
V4.0F PK7
4-Mar-03 uudecode Potential Security Vulnerability

Reboot
Required: No

CERT Vulnerability Note VU#336083

CVE CAN-2002-0178

5.1A  PK4
4.0G  PK4
4.0F  PK8
SSRT2422

V5.1 PK6
V5.1 PK5
V5.0A PK3

4-Mar-03 HP Tru64 UNIX XFS Potential Security Vulnerability

Reboot
Required: No

 

CERT Advisory CA-2002-34 No future mainstream patch kits are scheduled for the affected OS/BLs.

SSRT3469

*This patch is
superceded by the SSRT3531 patch

V5.1B PK1
V5.1A PK4
V5.1A PK3
V5.1 PK6
V5.1 PK5
V5.0A PK3
V4.0G PK3
V4.0F PK7

3-Mar-03 HP Tru64 UNIX sendmail Potential Security Vulnerability

Reboot
Required: No

CERT Vulnerability Note VU#398025 5.1B  PK2
5.1A  PK5
4.0G  PK4
4.0F  PK8
SSRT2400 V4.0F, V4.0G
Workaround
7-Feb-03 DNS Potential Security Vulnerability

Reboot
Required: No

CERT Vulnerability Note VU#457875 4.0G  PK4
4.0F  PK8

MD5 checksums are available from the ITRC patch database main page http://www.itrc.hp.com/service/patch/mainPage.do. From the patch database main page, click Tru64 UNIX, then click verifying MD5 checksums under useful links