Resolution
What does Hotfix 48096 do?
fact
Sun Solaris 2.8
fact
Sun Solaris 2.9
fact
VigilEnt Security Agent for Unix 5.0
fact
NetIQ Vulnerability Manager 5.0
symptom
Running the "Suspicious files in root's search path" NetIQ Check causes errors.
symptom
Error: 'uvservd[$PID]: [ID xxxxx local4.info] stderr = Usage: su [-] [ username [ arg ... ]]'
symptom
Error: 'Jun 25 20:19:51 arbbchaudit01a uvservd[17574]: [ID 178353 local4.info] stderr = Usage: su [-] [ username [ arg ... ]]'
symptom
Messages in syslog show uvservd failing to su.
cause
As of Solaris 8, the
su command no longer accepts the -l option. Previously, Vulnerability Manager used su -l to initialize the root $PATH to check it for suspicious entries.fix
VigilEnt Security Agent for Unix 5.0 Hotfix 48096
Hotfix 48096 corrects an issue where running the Suspicious Files in root's Search Path security check on Solaris 9 hosts may generate inaccurate errors in the logs.
This hotfix requires VigilEnt Security Agent for Unix 5.0 Service Pack 1. If you are using Vulnerability Manager 5.0, install Vulnerability Manager 5.0 Service Pack 1a before installing this hotfix.
Hotfix 48096 modifies the /vsaunix/<OS-TYPE>/vsau/bin/sysrpts.sc file in the installation directory on the agent computer.
The hotfix readme file includes instructions for installing the hotfix. For more information about VigilEnt Security Agent for Unix, Vulnerability Manager, and this hotfix, contact Technical Support at www.netiq.com/support.