Re: SCO POP remote root exploit

From: Bela Lubkin (belalat_private)
Date: Thu Jul 16 1998 - 16:03:58 PDT


    A fixed binary is now available in the SCO Security Enhancements
    directory on ftp.sco.com:
    
      ftp://ftp.sco.com/SSE
    
    Get files README and sse013.*.  Check the README for other supplements
    that you should also have, depending on your OS release.
    
    The popper fix applies to SCO OpenServer 5.0.0 through 5.0.4, SCO
    Internet FastStart 1.0.0 and 1.1.0.  The popper in UnixWare 7 and in
    UnixWare 2.x-based Internet FastStart is based on completely different
    source and doesn't have this set of problems.
    
    >Bela<
    
    PS: interesting case study.  A friend of mine runs an OSR5 public access
        system.  When this exploit was posted, I immediately broke root on
        his system with it.  I then disabled popper and told him about it.
        He installed a fixed popper binary.  In the succeeding 24 hours,
        syslog showed 5 separate attempts from around the world -- none of
        which succeeded.
    
        The problem which caused this vulnerability has been well known for
        2-3 weeks.  But until a "no brainer" attack was made available,
        actual attacks weren't happening.
    


