SSE074: (SCO) UnixWare 7 NTP buffer overflow fix

From: Albert Fu (alfat_private)
Date: Mon Apr 16 2001 - 16:48:00 PDT


    ---------------------------------------------------
    TOPIC:  NTP remote buffer overflow
    PRODUCTS AFFECTED:  UnixWare 7.1.0 and 7.1.1
    PATCH: System Security Enhancement (SSE) SSE074
    PATCH LOCATION: ftp://ftp.sco.com/SSE/sse074.Z
                    ftp://ftp.sco.com/SSE/sse074.ltr
    SUMMARY: potentially exploitable buffer overflow fixed by SSE074
    DATE: April 16, 2001
    ---------------------------------------------------
    
    NOTE: SSE073, released last week, is for SCO OpenServer 5.
    
    
    
    
    System Security Enhancement (SSE) SSE074 - 16-April-2001
    
    Dear SCO Customer,
    
    
    System Security Enhancement sse074, the ntp buffer overflow fix, addresses the
    following problems:
    
    
    Problem Fixed
    -------------
    
            A buffer overflow was found by Przemyslaw Frasunek
    	<venglinat_private> in the NTP daemon.  Full exploit details
    	can be found in the BUGTRAQ archive
    
    		http://www.securityfocus.com/archive/1/174011
    
    
    Contents
    --------
    
    	/usr/sbin/in.xntpd
    	/usr/sbin/ntp_authspeed
    	/usr/sbin/ntpdate
    	/usr/sbin/ntpq
    	/usr/sbin/ntptrace
    	/usr/sbin/xntpdc
    
    Checksums
    ---------
    
            MD5 (sse074): ac29239a7fedca5aac20f637360c2af5
            `sum -lr sse074`: 2869293884   727
    
    Warning
    -------
    
            This is a fix package produced by SCO Escalations
            and is not intended for general distribution.
    
            It has been produced to address a particular problem
            and has not been tested in all system configurations.
    
    
    Software Notes and Recommendations
    ----------------------------------
    
    sse074 should only be installed on:
    
    	UnixWare 7.1.0 or 7.1.1
    
      If your system is running any libraries or commands that are
      contained in this patch, then these programs will continue to run
      with the old versions of these libraries or commands until the
      system is rebooted.
    
      Note that when all necessary patches have been installed, it is
      good practice to reboot the system at the earliest opportunity.
      This will ensure that no programs continue to run with the old
      libraries or commands.
    
    Installation Instructions
    -------------------------
    
    1. Download the sse074.Z file to the /tmp directory on your machine.
    
    2. As root, uncompress the file and add the package to your system
       using these commands:
    
    	$ su
    	Password: <type your root password>
    	# uncompress /tmp/sse074.Z
    	# pkgadd -d /tmp/sse074
    	# rm /tmp/sse074
    
    Alternatively, this patch package may be installed in quiet mode,
    that is, without displaying the release notes and asking for
    confirmation.  To do this, use these commands:
    
    	$ su
    	Password: <type your root password>
    	# uncompress /tmp/sse074.Z
    	# pkgadd -qd /tmp/sse074 all
    	# rm /tmp/sse074
    
    3. There is no need to reboot the system after installing this package.
    
       The release notes displayed prior to installation can be found in:
    
       /var/sadm/pkg/sse074/install/sse074.txt
    
    
    Removal Instructions
    --------------------
    
    1. As root, remove the package using these commands:
    
    	$ su
    	Password: <type your root password>
    	# pkgrm sse074
    
    2. There is no need to reboot the system after removing this package.
    
    
    If you have questions regarding this supplement, or the product on
    which it is installed, please contact your software supplier.
    
    References
    ----------
    
    	The vulnerability addressed in this patch was found by:
    
    		Przemyslaw Frasunek <venglinat_private>
    
    	For more details, see the following BUGTRAQ archive:
    
    		http://www.securityfocus.com/archive/1/174011
    
    Disclaimer
    ----------
    
    SCO believes that this patch addresses the reported vulnerabilities.
    However, in order that it be released as soon as possible, this patch
    has not been fully tested or packaged to SCO's normal exacting
    standards.  For that reason, this patch is not officially supported.
    Officially supported and packaged fixes for current SCO products will
    be available in due course.
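
The installation steps above go from `uncompress` straight to `pkgadd` without using the published checksum. The following is an added example, not part of the SCO advisory: a POSIX shell check that reads the `MD5 (sse074): ...` line from a saved copy of the advisory and compares it with the package file before installation. It assumes the digest refers to the uncompressed file `sse074` (as the name in the Checksums section suggests) and that `md5sum` or `openssl` is available on the host doing the check; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the advisory): verify an SSE package against the
# MD5 listed in the advisory's "Checksums" section before running pkgadd.

# Print the MD5 the advisory lists for package $1; advisory text on stdin.
# Matches lines of the form "MD5 (sse074): <32 hex digits>".
advisory_md5() {
    sed -n "s/^[[:space:]]*MD5 ($1):[[:space:]]*\([0-9A-Fa-f]\{32\}\)[[:space:]]*\$/\1/p" |
        head -n 1 | tr 'A-F' 'a-f'
}

# Print the lowercase hex MD5 of file $1 using whichever tool is present.
file_md5() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | cut -d' ' -f1
    elif command -v openssl >/dev/null 2>&1; then
        openssl md5 "$1" | sed 's/^.*= *//'
    else
        echo "no MD5 tool found" >&2
        return 2
    fi
}

# Return 0 only when file $1 matches the digest listed for package $2
# in the saved advisory file $3; 1 on mismatch, 2 when the check cannot run.
verify_sse() {
    want=$(advisory_md5 "$2" < "$3")
    [ -n "$want" ] || { echo "no MD5 for $2 in $3" >&2; return 2; }
    got=$(file_md5 "$1") || return 2
    if [ "$got" = "$want" ]; then
        echo "OK $1 $got"
    else
        echo "MISMATCH $1: expected $want, got $got" >&2
        return 1
    fi
}

# Intended use between the uncompress and pkgadd steps, for example:
#   verify_sse /tmp/sse074 sse074 /tmp/sse074-advisory.txt && pkgadd -d /tmp/sse074
if [ $# -eq 3 ]; then
    verify_sse "$@"
fi
```

A matching MD5 shows the file arrived as published; it says nothing about the authenticity of the advisory copy the digest was read from.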
    


