Content-type: text/plain; charset=us-ascii
Security Alert wrote:
> "Kevin K. Sochacki" <kksocha@ERENJ.COM> wrote:
> > I have discovered a bug in rexecd on system running HPUX 10.20 that have
> > been converted to trusted systems.
> >This problem has been report to HP and is currently being addressed.
> to which we respectfully add:
> This problem _has_ been fully addressed in patch PHNE_12161. It was posted
> to our patch hub on 19 August, and targets all HP9000 S700/800 10.X trusted
> HP S/W Security Team
The problem addressed in patch PHNE_12161 as implied in the description,
only fixed a problem of not updating the bad login counter. This _does_
fix the vulnerability issue, however on successful log ins the bad login
counter _does_not_ get cleared, therefor locking the users out no matter
how many times they login successfully between unsuccessful attempts.
So to your reply I respectfully add:
This problem _has_NOT_ been fully addressed in patch PHNE_12161. It
only addressed the most severe part of the problem, leaving an
administrative headache. If you consider the administrator who's work
load can't handle the added stress of constantly reactivating a number
users, he may opt to disable this feature once again leaving the system
I have patch PHNE_12161 applied and I'm constantly reactivating user
accounts do to this problem. I have confirmed the problem it is
reproducible and is a major headache. This is still a very big problem!
-- (...Later..:) :)**************************(: Exxon Research & Engineering (: _/_/_/ _/_/ _/_/_/:) Kevin K. Sochacki :) _/ _/ _/ _/ (: ICS CC124 (908) 730-2911 (: _/_/_/ _/ _/ & _/_/_/ :) mailto:email@example.com :) _/ _/_/ _/ (: PERSONAL (:_/_/_/ _/ _/ _/_/_/ :) mailto:firstname.lastname@example.org :)**************************(: http://mars.superlink.net/kks
--Boundary_(ID_A9jXn9G0XXwhYi/+Ue/0bA) Content-type: text/x-vcard; name=vcard.vcf; charset=us-ascii Content-description: Card for Kevin Sochacki Content-disposition: attachment; filename=vcard.vcf Content-transfer-encoding: 7bit
begin: vcard fn: Kevin Sochacki n: Sochacki;Kevin org: Exxon Research & Engineering adr: Route 22 East;;;Annandale;NJ;08801;USA email;internet: email@example.com title: Contractor tel;work: (908) 730-2911 tel;fax: (908) 730-3823 tel;home: (908) 874-8414 x-mozilla-cpt: ;0 x-mozilla-html: TRUE end: vcard