Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

S-282: HP-UX Running WBEM Services

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) S-282: HP-UX Running WBEM Services
# 1  
Old 05-01-2008
S-282: HP-UX Running WBEM Services
Potential security vulnerabilities have been identified with HP-UX running WBEM Services that could remotely execute arbitrary code or gain extended privileges. The risk is MEDIUM. These vulnerabilities could be exploited remotely to execute arbitrary code or to gain extended privileges.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. HP-UX

How to fetch all running services on HP-UX?

Hi All, I have a requirement to get all the running services on few HP-UX boxes. In Linux systems I am able to do that successfully using: chkconfig --list. However I can't find anything equivalent in HP-UX. If anyone has any pointers on the same then please suggest. Adyan (4 Replies)
Discussion started by: Adyan Faruqi
4 Replies

2. HP-UX

List running services, corresponding package name and status.

Hi, I am trying to list down list of running services, corresponding package name and status on HP-UX box. The output will be a CSV in a fashion:- Service Name, Package Name, Status. While working on Linux centos, I used chkconfig to do the same. Below was the snippet:- for i in `chkconfig... (3 Replies)
Discussion started by: Happy83
3 Replies

3. AIX

List running services, Package name and status on AIX.

Hi, How can I list running services, corresponding package name and status on the AIX host? On Linux (Centos), I use the below code snippet:- for i in `chkconfig --list | awk '{ print $1}'`; do status=`/sbin/service $i status` packagename=`rpm -qf /etc/init.d/$i` done Is there... (2 Replies)
Discussion started by: Vipin Batra
2 Replies

4. Solaris

Java web console Vs Web-Based Enterprise Management(WBEM)

Java web console Vs Web-Based Enterprise Management(WBEM) 1. I like to understand the difference in purpose of using java web console and Web-Based Enterprise Management (WBEM) 2. As per CIS benchmark, both of them has to be disabled when not used for increased security. Solaris admin(s) -... (0 Replies)
Discussion started by: cyberidude
0 Replies

5. UNIX for Advanced & Expert Users

detecting the running services

I did search on the subject on services in linux and they do explain how to find what are the services that loaded when the linux boot. however I have not find how to detect what services run right now. I would like to now that and how to kill services. Thanks. (3 Replies)
Discussion started by: programAngel
3 Replies

6. SuSE

Which command can be used to show running services?

Hi Dear Guys: I want to get a list of running services. Is there any command having this functionality? (3 Replies)
Discussion started by: crest.boy
3 Replies

7. UNIX for Dummies Questions & Answers

Running services, how to disable some?

Hello all happy people! :) Iam trying to figure out how to disable running services, and witch i can disable. Iam running ssh,apache,ftp and identd. Here is an output from nmap: 21/tcp open ftp Solaris ftpd 22/tcp open ssh SunSSH 1.1 (protocol 2.0) 23/tcp ... (2 Replies)
Discussion started by: empty
2 Replies

8. UNIX for Dummies Questions & Answers

List services running in UNIX

We have lost our Sys Admin and with the DST changes.. i need to make sure all services are re-started on a SUN server running SUNOS 5.9 How can i list what is running and make sure they are running after the DST patches are applied? (2 Replies)
Discussion started by: JanSP
2 Replies

9. UNIX for Dummies Questions & Answers

Looking for administration tool to check if services are running

Hi! We are having problems with our unix servers (SunOS 5.9) that services for some of our applications are continuously going down. (this is more due to the applications installed than the UNIX OS). What I am looking for is some kind of administrative tool where I can set what service to scan... (1 Reply)
Discussion started by: erinor
1 Replies
Login or Register to Ask a Question

LEARN ABOUT SUNOS

wbem

wbem(5) 						Standards, Environments, and Macros						   wbem(5)

NAME

       wbem - Web-Based Enterprise Management

DESCRIPTION

       Web-Based  Enterprise Management (WBEM) is a set of management and Internet-related technologies intended to unify the management of enter-
       prise computing environments. Developed by the Distributed Management Task Force (DMTF), WBEM enables organizations  to	deliver  an  inte-
       grated  set  of	standards-based management tools that support and promote World Wide Web technology. The DMTF has developed a set of stan-
       dards that make up WBEM. This set of standards includes:

	 o  Common Information Model (CIM) - an object-oriented data model that describes the overall management of information in  an	enterprise
	    network environment. CIM consists of a CIM specification and a CIM schema:

	    CIM Specification	    Consists of the language and methodology that describes management data.

	    CIM Schema		    Provides  actual model descriptions of systems, applications, large area networks, and devices. The CIM Schema
				    enables applications from different developers on different platforms to describe management data in  a  stan-
				    dard format. As a result, a variety of management applications can share this information.

	 o  CIM  Operations Over HyperText Transport Protocol (HTTP) 1.1 is a transport mechanism that maps CIM operations to HTTP to allow imple-
	    mentations of CIM to interoperate in an open, standardized manner.

	    CIM Operations Over HTTP 1.1 uses eXtensible Markup Language (XML), which is a markup language that represents management  information
	    in textual form.

	    In	addition  to  the  XML representation, CIM information is also represented textually by the managed object format (MOF). These MOF
	    representations are typically stored as text files that developers compile into a CIM Object Manager.

EXTENDED DESCRIPTION

   WBEM Tools and Services
       Tools and services that enable developers to create and Services management applications and instrumentation that manage heterogeneous com-
       puter environments include:

	 o  Solaris WBEM Services 2.5

	 o  Solaris WBEM Software Development Kit 2.5

   Solaris WBEM Services 2.5
       These  services	consist of a set of value-added Services 2.5 components. These services make it easier for developers to create management
       applications that run in the Solaris operating environment. They also make the Solaris operating environment easier to manage. Solaris WBEM
       Services 2.5 consists of:

	 o  CIM Object Manager, CIM Repository, and MOF Compiler

	 o  CIM  and Solaris Schema, which is an extension schema of CIM. CIM and Solaris Schema is a collection of CIM classes that describe man-
	    aged elements in the Solaris operating environment. These classes are available from the CIM Object Manager at start up.

	 o  Solaris Providers, which are programs that communicate information between the Solaris operating environment and the CIM  Object  Man-
	    ager (providers get and set "dynamic" information about managed elements, acting as an intermediary between the CIM Object Manager and
	    the managed elements).

	    Solaris software providers have been developed for a variety of areas: users, roles, file  systems,  and  network  configuration,  for
	    example.  A  remote  provider  is  also  available to distribute agents away from the CIM Object Manager when required. Because of the
	    incremental development capabilities of the WBEM instrumentation framework, developers can progressively  and  consistently  add  more
	    providers for additional Solaris software services.

	 o
	    SNMP  Adapter  for	WBEM,  which enables Simple Network Management Protocol (SNMP) management applications to access system management
	    information that is provided by Solaris WBEM Services. Used with the Solstice Enterprise Agent (SEA) Master Agent snmpdx(1M), the SNMP
	    Adapter for WBEM maps SNMP requests into equivalent WBEM Common Information Model (CIM) properties or instances.

	    The SNMP Adapter for WBEM also remaps the response from the CIM Object Manager into an SNMP response, which is returned to the manage-
	    ment application.

	    A mapping file contains the corresponding Object Identifier (OID), class name, property name, and Abstract Syntax Notation One (ASN.1)
	    type for each object. Developers can create their own mapping files.

	 o  SNMP Provider, which enables WBEM services to deliver SNMP information.

   Solaris WBEM Software Development Kit 2.5
       This  kit  consists  of a set of key application Software development tools that make it easier for developers to write management applica-
       tions that can communicate with any WBEM-enabled management device. The Solaris WBEM Software Development Kit includes examples, documenta-
       tion,  and  CIM Workshop, a graphical user interface through which developers can view and create classes and instances, through the remote
       method invocation (RMI) or the XML/HTTP protocol.

       Developers can also use this kit to write providers, which are programs that communicate with managed elements to access data.

       All management applications that developers create with the Solaris WBEM Software Development Kit run on the Java platform. The	Solaris  9
       WBEM  Software  Development  Kit  installs  and runs in version 1.4 of the Java environment. Developers can use the kit to write standalone
       applications or applications that run in conjunction with Solaris WBEM Services.

       The Solaris WBEM Software Development Kit is described in the Solaris WBEM SDK Development Guide. Javadoc for the WBEM application program-
       ming interface is located at /usr/sadm/lib/wbem/doc/index.html.

   Compatibility of Solaris WBEM Services with Existing Protocols
       Adapters  and  converters enable Solaris WBEM Services of Solaris to work compatibly with existing protocols by mapping WBEM information to
       these protocols. One such protocol is Simple Network Management Protocol (SNMP).

       Legacy management applications can administer WBEM-enabled software in the Solaris operating environment. Developers can  write	agents	or
       providers  that convert information from these protocols to WBEM, and they can write adapters that convert WBEM information into these pro-
       tocols.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SPARC and x86		   |
       +-----------------------------+-----------------------------+
       |Architecture		     |SUNWwbapi, SUNWwbcor,  SUN-  |
       |			     |Wwbcou,  SUNWwbdev, SUNWwb-  |
       |			     |doc, SUNWwbpro		   |
       +-----------------------------+-----------------------------+
       |CSI			     |Enabled			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       appletviewer(1), cimworkshop(1M), init.wbem(1M), mofcomp(1M), mofreg(1M),  snmpdx(1M),  wbemadmin(1M),  wbemconfig(1M),	wbemlogviewer(1M),
       attributes(5)

SunOS 5.10							    5 Nov 2001								   wbem(5)