Recent postings about SCO UnixWare 7

From: Andrew Malcolm (andrewmaat_private)
Date: Wed Dec 15 1999 - 10:24:26 PST

Next message: Markus Friedl: "Re: sshd1 allows unencrypted sessions regardless of server policy"

Previous message: David Schwartz: "Re: sshd1 allows unencrypted sessions regardless of server policy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The SCO engineering groups are aware of the recent postings to BUGTRAQ
regarding security holes in UnixWare 7.

Fixes to the following list of problems are being developed at the moment,
and patches will be published in the next 7 working days (on or before
December 24th). The problems being addressed are

- UnixWare read/modify users' mail
- UnixWare gain root with non su/gid binaries
- UnixWare coredumps follow symlinks
- UnixWare pkg* command exploits
- Fundamental flaw in UnixWare 7 security.

--
Andrew Malcolm, SCO Security Group.

Next message: Markus Friedl: "Re: sshd1 allows unencrypted sessions regardless of server policy"
Previous message: David Schwartz: "Re: sshd1 allows unencrypted sessions regardless of server policy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:21:17 PDT