Patch Name: PHSS_28840

Patch Description: s700_800 11.X OV SIP3.1 Prevent blank passwords

Creation Date: 03/03/11

Post Date: 03/03/18

Hardware Platforms - OS Releases:
    s700: 11.00 11.11
    s800: 11.00 11.11

Products: OpenView Service Information Portal 3.1

Filesets:
    HPOVSIP.OVSIP,fr=B.01.10,fa=HP-UX_B.11.00_32/64,v=HP

Automatic Reboot?: No

Status: General Release

Critical: No

Category Tags:
    defect_repair general_release

Path Name: /hp-ux_patches/s700_800/11.X/PHSS_28840

Symptoms:
    PHSS_28840:
    If the LDAP server is configured to allow anonymous bind
    then a SIP user can log in by leaving the password field
    blank.

Defect Description:
    PHSS_28840:
    There was no check for blank passwords in the LDAP code

    Resolution:
    A check for blank password has been added.

Enhancement: No

SR: 8606285946

Patch Files:
    HPOVSIP.OVSIP,fr=B.01.10,fa=HP-UX_B.11.00_32/64,v=HP:
    /opt/OV/SIP/webapps/ovportal/WEB-INF/classes/com/hp/ov/
        portal/security/LDAPAuthenticationProvider.class

what(1) Output:
    HPOVSIP.OVSIP,fr=B.01.10,fa=HP-UX_B.11.00_32/64,v=HP:
    /opt/OV/SIP/webapps/ovportal/WEB-INF/classes/com/hp/ov/
        portal/security/LDAPAuthenticationProvider.class:
        None

cksum(1) Output:
    HPOVSIP.OVSIP,fr=B.01.10,fa=HP-UX_B.11.00_32/64,v=HP:
    3957085345 10234 /opt/OV/SIP/webapps/ovportal/WEB-INF/
        classes/com/hp/ov/portal/security/
        LDAPAuthenticationProvider.class

Patch Conflicts: None

Patch Dependencies: None

Hardware Dependencies: None

Other Dependencies: None

Supersedes: None

Equivalent Patches:
    OVSIPSOL_00018:
    sparcSOL: 2.6 2.7 2.8

    OVSIPNT_00017:
    intelWIN2000: 1.00

Patch Package Size: 40 KBytes

Installation Instructions:
    Please review all instructions and the Hewlett-Packard
    SupportLine User Guide or your Hewlett-Packard support terms
    and conditions for precautions, scope of license,
    restrictions, and, limitation of liability and warranties,
    before installing this patch.
    ------------------------------------------------------------
    1. Back up your system before installing a patch.

    2. Login as root.

    3. Copy the patch to the /tmp directory.

    4. Move to the /tmp directory and unshar the patch:

        cd /tmp
        sh PHSS_28840

    5. Run swinstall to install the patch:

        swinstall -x autoreboot=true -x patch_match_target=true \
            -s /tmp/PHSS_28840.depot

    By default swinstall will archive the original software in
    /var/adm/sw/save/PHSS_28840. If you do not wish to retain a
    copy of the original software, include the patch_save_files
    option in the swinstall command above:

        -x patch_save_files=false

    WARNING: If patch_save_files is false when a patch is
             installed, the patch cannot be deinstalled. Please
             be careful when using this feature.

    For future reference, the contents of the PHSS_28840.text
    file is available in the product readme:

        swlist -l product -a readme -d @ /tmp/PHSS_28840.depot

    To put this patch on a magnetic tape and install from the
    tape drive, use the command:

        dd if=/tmp/PHSS_28840.depot of=/dev/rmt/0m bs=2k

Special Installation Instructions:
    ========================================================
    BEFORE LOADING THIS PATCH...

    - Stop the Tomcat server.
    - If you want to reinstall SIP, then you will have to
      remove the patch. Once the re-install is over you can
      apply the patch again.

    NOTE : Tomcat is not started after the patch is loaded
           You will need to manually start it.

    Also, in order to keep a history of the patches installed
    on your system the post-install script will attempt to copy
    this .text file to /opt/OV/SIP/patches. Please make sure
    this file is in /tmp before installation.
    ========================================================
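
The kind of check described under "Defect Description" and "Resolution", sketched as an added example using the standard JNDI LDAP provider. This is not HP's LDAPAuthenticationProvider source; the class name, method names, URL and DN are assumptions made for illustration.

```java
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;

// Added illustration only; hypothetical class, not the patched HP code.
public class BlankPasswordCheck {

    // True for null or zero-length values. RFC 4513 treats a simple bind with
    // a zero-length password as an unauthenticated bind, which a directory
    // that allows anonymous access may accept as a success.
    static boolean isBlank(String s) {
        return s == null || s.isEmpty();
    }

    // Returns true only if the directory accepted a real credential.
    static boolean authenticate(String ldapUrl, String userDn, String password) {
        // Refuse before contacting the directory, so the bind can never
        // degrade to an anonymous one.
        if (isBlank(userDn) || isBlank(password)) {
            return false;
        }
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, ldapUrl);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, userDn);
        env.put(Context.SECURITY_CREDENTIALS, password);
        try {
            DirContext ctx = new InitialDirContext(env); // performs the bind
            ctx.close();
            return true;
        } catch (NamingException e) {
            return false; // rejected credentials or directory unreachable
        }
    }

    public static void main(String[] args) {
        String url = "ldap://localhost:389";                // constructed value
        String dn = "uid=jdoe,ou=people,dc=example,dc=com"; // constructed value
        // Both calls return before any network traffic is sent.
        System.out.println("empty password accepted: " + authenticate(url, dn, ""));
        System.out.println("null password accepted:  " + authenticate(url, dn, null));
    }
}
```

Disabling anonymous and unauthenticated binds on the directory server removes the same exposure for every LDAP client, not only the portal.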