COMMAND

    SharedX Receiver Service

SYSTEMS AFFECTED

    HpUX 10.20

PROBLEM

    Following is based  on S.A.F.E.R. Security  Bulletin.  By  sending
    specific amount of characters to SharedX Receiver Service,  remote
    (and  local)  users  can  perform  DoS  attack against HP-UX 10.20
    machine.  Recserv process reaches 100% (or less, depending on  CPU
    usage by other processes) 3-5 minutes after attack, and has to  be
    killed  and  restarted.   HP  SharedX  Receiver  Service (recserv)
    provides a method for a  receiver to allow the sharing  of windows
    without explicitly  performing any  xhost commands.   The Internet
    daemon, inetd, executes recserv when it receives a service request
    at the port listed in the services database.

SOLUTION

    Install the applicable patch:

        HP-UX revision 10.01  HP9000 Series 7/800   PHSS_16646
        HP-UX revision 10.10  HP9000 Series 7/800   PHSS_16647
        HP-UX revision 10.20  HP9000 Series 7/800   PHSS_16648
        HP-UX revision 11.00  HP9000 Series 7/800   PHSS_16649

    For HP-UX revisions  prior to 10.01,  update to 10.X,  or 11.X and
    install the applicable patch.