I knew that HP has "the answer" to the problem of the patch management. However reading the details: http://h20000.www2.hp.com/bc/docs/support/SupportManual/c00267883/c00267883.pdf?jumpid=reg_R1002_USEN
you can see that it covers only Microsoft and Redhat patches.
What about Adobe, Java, other 3rd party software?
The VPM is obviously only for servers.
Thursday, March 12, 2009
HP OpenSSH vulnerability
HP OpenSSH (from HP Proliant pack, HP SIM)comes with C:\Program Files\OpenSSH\bin\cygwin1.dll version 1.5.4
This version is vulnerable according to http://www.nessus.org/plugins/index.php?view=single&id=28330.
to fix it download HP IS 3.0 DVD where you will get cygwin1.dll version 1.5.25.
http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=ISDVD&jumpid=reg_R1002_USEN
This version is vulnerable according to http://www.nessus.org/plugins/index.php?view=single&id=28330.
to fix it download HP IS 3.0 DVD where you will get cygwin1.dll version 1.5.25.
http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=ISDVD&jumpid=reg_R1002_USEN
Friday, March 6, 2009
JRE silent install
Here is command for silent install:
jre-6u12-windows-i586-p-s.exe /s /v "/qn IEXPLORER=1 REBOOT=ReallySuppress JAVAUPDATE=0 WEBSTARTICON=0 /L %temp%\setup.log"
the package itself can be downloaded from http://java.sun.com/javase/downloads/index.jsp
IE should not be open during install.
jre-6u12-windows-i586-p-s.exe /s /v "/qn IEXPLORER=1 REBOOT=ReallySuppress JAVAUPDATE=0 WEBSTARTICON=0 /L %temp%\setup.log"
the package itself can be downloaded from http://java.sun.com/javase/downloads/index.jsp
IE should not be open during install.
Tuesday, March 3, 2009
Scheduled tasks in Windows 2003
I was trying to replace local server administrator to less powerful account in the Sceduled Task definition. But it took some time to set the right properly. Please refer to the following article:
http://www.instant-registry-fixes.org/resolve-error-message-0x80070005-access-is-denied/
to sum up: you can use local account to run as for the task. This account should not be local administrators. Give apropriate rights to the data folders and read/execute to binary folder. Using Local security setting (admin tool) add logon locally and as as a batch. If your script is cmd, add permission to cmd.exe to be exceuted for this account.
http://www.instant-registry-fixes.org/resolve-error-message-0x80070005-access-is-denied/
to sum up: you can use local account to run as for the task. This account should not be local administrators. Give apropriate rights to the data folders and read/execute to binary folder. Using Local security setting (admin tool) add logon locally and as as a batch. If your script is cmd, add permission to cmd.exe to be exceuted for this account.
Subscribe to:
Posts (Atom)