If you have a SCO Desktop/OpenServer 3.0 or OpenServer 5.0 box and are
willing to test an exploit please contact me.
---------- Forwarded message ----------
-----BEGIN PGP SIGNED MESSAGE-----
=============================================================================
CERT* Vendor-Initiated Bulletin VB-97.14
November 25, 1997
Topic: Vulnerability in /usr/bin/X11/scoterm
Source: The Santa Cruz Operation, Inc. (SCO)
To aid in the wide distribution of essential security information, the
CERT Coordination Center is forwarding the following information from
The Santa Cruz Operation, Inc. (SCO). SCO urges you to act on this
information as soon as possible. SCO contact information is included
in the forwarded text below; please contact them if you have any
questions or need further information.
=======================FORWARDED TEXT STARTS HERE============================
SCO Security Bulletin 97:02
November 20, 1997
Vulnerability in /usr/bin/X11/scoterm
- ----------------------------------------------------------------------------
The Santa Cruz Operation has discovered the following problem present in
our software:
I. Description
A security vulnerability in the implementation of scoterm has been
identified which could allow unprivileged users to gain unauthorized
root access to the system.
II. Impact
Any user with an account on the system may be able to execute arbitrary
commands with root privileges.
A program which exploits this vulnerability is in existence, although
we do not believe it is currently being distributed. There is a risk
that the exploit method may be revealed, so the patch should be applied
as soon as possible.
III. Releases
This problem exists on the following releases of SCO operating systems:
- SCO Open Desktop/Open Server 3.0
- SCO OpenServer 5.0
The following releases are not vulnerable, and no patch is necessary:
- SCO CMW+ 3.0
- SCO UnixWare 2.1
IV. Solution
SCO is providing interim patches to address this issue in the form
of a System Security Enhancement (SSE) package. The SSE package
includes patches for all operating systems listed above.
The SSE package is available for Internet download via anonymous
ftp, and from the SCOFORUM on Compuserve.
If you are for some reason unable to access or install the patches,
you should temporarily disable scoterm by running the following
command as the root user:
# chmod 0 /usr/bin/X11/scoterm
You can download the SSE package as follows:
Anonymous ftp (World Wide Web URL)
- --------------
ftp://ftp.sco.COM/SSE/sse009.ltr (cover letter, uncompressed)
ftp://ftp.sco.COM/SSE/sse009.tar.Z (new binaries, compressed tar file)
Compuserve
- -----------
GO SCOFORUM, and search the file library for these filenames:
SSE009.LTR (cover letter, compressed)
SSE009.TAZ (new binaries, compressed tar file)
Checksums
- ----------
sum -r
59495 4 sse009.ltr
15226 602 sse009.tar.Z
Updates:
This bulletin is available for anonymous ftp download from
ftp://ftp.sco.COM/SSE/security_bulletins/SB.97:02a, and will be
updated as new information becomes available.
Further Information:
If you have further questions, contact your support provider. If you
need to contact SCO, please send electronic mail to supportat_private, or
contact SCO as follows.
USA/Canada: 6am-5pm Pacific Time (PST/PDT)
-----------
1-800-347-4381 (voice)
1-408-427-5443 (fax)
Pacific Rim, Asia, and Latin American customers: 6am-5pm Pacific
------------------------------------------------ Time (PST/PDT)
1-408-425-4726 (voice)
1-408-427-5443 (fax)
Europe, Middle East, Africa: 9am-5:30pm UK Time (GMT/BST)
----------------------------
+44 (0)1923 816344 (voice)
+44 (0)1923 817781 (fax)
========================FORWARDED TEXT ENDS HERE=============================
If you believe that your system has been compromised, contact the CERT
Coordination Center or your representative in the Forum of Incident Response
and Security Teams (FIRST). See http://www.first.org/team-info/.
We strongly urge you to encrypt any sensitive information you send by email.
The CERT Coordination Center can support a shared DES key and PGP. Contact
the CERT staff for more information.
Location of CERT PGP key
ftp://ftp.cert.org/pub/CERT_PGP.key
CERT Contact Information
- -------------------------
Email certat_private
Phone +1 412-268-7090 (24-hour hotline)
CERT personnel answer 8:30-5:00 p.m. EST
(GMT-5)/EDT(GMT-4), and are on call for
emergencies during other hours.
Fax +1 412-268-6989
Postal address
CERT Coordination Center
Software Engineering Institute
Carnegie Mellon University
Pittsburgh PA 15213-3890
USA
CERT publications, information about FIRST representatives, and other
security-related information are available from
http://www.cert.org/
ftp://ftp.cert.org/pub/
CERT advisories and bulletins are also posted on the USENET newsgroup
comp.security.announce
To be added to our mailing list for CERT advisories and bulletins, send your
email address to
cert-advisory-requestat_private
In the subject line, type
SUBSCRIBE your-email-address
* Registered U.S. Patent and Trademark Office.
The CERT Coordination Center is part of the Software Engineering
Institute (SEI). The SEI is sponsored by the U. S. Department of Defense.
This file: ftp://ftp.cert.org/pub/cert_bulletins/VB-97.14.scoterm
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBNHr9aXVP+x0t4w7BAQGxIQP/fHoEvpAaMgAxOvNuum97EN7QJG+GhetT
qdFV5qveyhgnJdlrQgf80lV3WsCYq9jh/KLpQIeszqLnmzWIitHW7JeThJeqZJPJ
0xpMdvftcM/o2073q7OcL195gyYvo+sbGUzA4KWfCAzV4OMDeS0ByQ07ViIh/XwS
R3A/rRR+KH8=
=1qyQ
-----END PGP SIGNATURE-----
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:33:27 PDT