Code [netw001f]
The listed file is world writable. Run chmod o-w file to correct this.
Code [netw002f]
The listed file is not owned by an 'administrative' account. Change the ownership, or add your admin user to 'Tiger_Admin_Accounts' list of valid administrative users.
Code [netw003f]
The inetd daemon is not configured with logging enabled. If xinetd based, add the 'filelog' or 'syslog' options in the /etc/sysconfig/xinetd configuration file.
Code [netw004f]
The syslogd daemon should be running to log system events. Please add the appropriate start link in /etc/rc.d/rc[RUNLEVEL].d pointing to the /etc/rc.d/init.d/syslog script, or install syslog if it isn't installed.
Code [netw005f]
Omniback is installed, but there is no cell server specified. Please put the IP address of your cell server in /usr/omni/config/cell/cell_server
Code [netw006f]
Please specify the cell server by IP address in /usr/omni/config/cell/cell_server to prevent DNS spoofing.
Code [netw006f]
Disable fingerd in inetd's config file and rety exists in the distributed printing facility of all releases of NeXTSTEP software through NeXTSTEP 3.0. The "_writers" property on the "/printers" and "/fax_modems" should be removed.
See the CERT advisory for more details.
Code [misc010w]
CERT Advisory CA-93:15
CERT Advisory CA-93:16
A serious vulnerability exists in most versions of sendmail distributed prior to late October, or early November 1993. This vulnerability allows remote users to execute arbitrary programs. The vulnerability affects the final destination host, therefore firewalled machines are vulnerable. The CERT advisory CA-93:16 provides three approaches to the problem. If feasible, the best approach is to disable the program mailer (Mprog) in the `sendmail.cf' file. If not feasible, then a version of sendmail (such as sendmail 8.6.4 or later from ftp.cs.berkeley.edu) should be installed. Vendor-provided fixes are:
HP-UX 8.x, series 300/400 PHNE_3369
HP-UX 9.x, series 300/400 PHNE_3370
HP-UX 8.x, series 700/800 PHNE_3371
HP-UX 9.x, series 700/800 PHNE_3372
Code [misc011w]
The local sendmail.cf is using the sendmail restricted shell (smrsh) for program delivery, but it appears to use a program which allows the vulnerabilities discussed in `misc010w' to be exploited.
Code [misc012e]
The indicated file could not be read. This generally indicates that the check was attempted from a userid with insufficient privileges.
Code [misc013w]
CERT Advisory CA-93:17
The xterm utility contains a vulnerability which allows any file to be overwritten, or the ownership of the file changed. Consult vendors for patches for supported versions of xterm. MIT Patch 26 for X11R5 contains a patch for the MIT distribution.
Code [misc014w]
The file `/etc/rcS' is executed during the switch to single user mode (part of booting and shutting down). If file system checks fail, then this script will start a root shell on the console. To force a password to be entered, locate the line that reads:
    /sbin/sh < /dev/console
and change this to:
    /sbin/sulogin
This will force the root password to be entered should the file system checks fail.
Code [misc015w]
The `xload' utility, when built with the standard (unpatched) MIT X11R5 distribution on systems with dynamic linking, contains a security vulnerability. The link step links against libraries using relative pathnames (../../..). To correct the problem, the `xload' utility should be relinked without these pathnames (the absolute pathname to your X11 libraries should be used).
Another alternative is to disable the `xload' utility by turning off the setuid and/or setgid bits.
Code [misc016w]
The `ie', `le',