COMMAND

    sendmail

SYSTEMS AFFECTED

    HP 9000 Series 700/800s running versions of HP-UX 9.X thru 10.10

PROBLEM

    Since December  1996 three  specific sendmail  patches (PHNE_9621,
    PHNE_10033, and PHNE_9622)  have been released  by Hewlett-Packard
    Company. If installed, they  incorrectly added new user  and group
    entries in the password and group files.  This allows unauthorized
    access. Note  that HP-UX  release 10.20  is not  affected by  this
    issue.  The source for this text is Hp advisory.

SOLUTION

    The system administrator needs  to perform the following  commands
    on the command  line only.   Do not use  SAM to fix  this issue at
    this time.

        grep '^sm[0-9]*' /etc/passwd

    The suspect entries have a ",.." in the password field. That ",.."
    entry needs to be replaced with  a "*".  The change can  be easily
    done with vipw.  Simply  removing the patch will not  remove these
    erroneous entries from the password file.  The action above  needs
    to be taken whether or not the patch is removed.