Read Before Installing Support Plus HP-UX 11i Version 1, September 2003
18
PHNE_26413 (Critical Patch Warning)
A critical patch warning has been issued for PHNE_26413:
PHNE_26413 - s700_800 11.11 nettl(1M), netfmt(1M) and
nettladm(1M) patch
03/07/30 - This Critical Warning has been issued by HP.
- PHNE_26413 introduced a potential denial of service
security vulnerability. With PHNE_26413 installed, a non-
root user can cause a system panic.
- This potential security vulnerability was announced in
HP Security Bulletin HPSBUX0207-270.
- To avoid this potential security vulnerability, HP rec-
ommends that PHNE_26413 be removed from all systems on
which it is installed.
- The previous patch, PHNE_24473, does not exhibit this
same behavior. To ensure as many issues as possible are
addressed, HP recommends that PHNE_24473 be installed
after PHNE_26413 is removed. If PHNE_24473 was installed
prior to PHNE_26413 it will automatically be restored when
PHNE_26413 is removed and it will not need to be rein-
stalled.
- This behavior will be corrected in patch PHNE_28444,
expected to be available by the end of August 2003. HP rec-
ommends that PHNE_28444 be installed after PHNE_26413 is
removed.
- PHNE_26413 was included in the following Support Plus
Patch Bundles:
June 2003: GOLDBASE11i,B.11.11.0306.4