HP plugs SSL exploit for HP-UX
April 1, 2009
Hewlett-Packard's support team announced a security alert for all HP-UX servers running any version of HP-UX 11, warning the community this week that the OpenSSL security mechanism can be used to breach HP's Unix system.
Unix exploits generate critical warnings on a regular basis for HP-UX servers. To mitigate the risk, HP patches up such breeches as quickly as possible. The latest information on how to keep the security tool SSL from becoming a Unix back door, by adding patch HPSBUX02418, is available at HP's IT Response Center (ITRC) Web site.
Content Type: HP-UX security bulletins digest
PRIORITY: Critical
OS: HP-UX,UNIX
Release Date: 03/30/2009
HP notes that HP-UX users such as those who have migrated to the company's HP 9000 or Integrity platforms will need a Response Center login ID and password to read the security bulletin. And to comply with HP's requests, the information excerpted above is
You can sign up for automatic notice of these recurring alerts. HP instructs system administrators to initiate a subscription to receive future HP Security Bulletins via e-mail at the HP Web page for bulletins:
Under Step1: your ITRC security bulletins and patches
- check ALL categories for which alerts are required and continue.
Under Step2: your ITRC operating systems
- verify your operating system selections are checked and save.