Security Update: [CSSA-2001-SCO.25] OpenServer: various scoadmin/sysadm subprograms have buffer overflows

From: sco-securityat_private
Date: Thu Oct 11 2001 - 13:55:50 PDT

Next message: Ertan Kurt: "Re: Vulnerabilities in Ipswitch IMail Server 7.04"

Previous message: Murat Balaban: "Buffer Overflows Paper in Turkish."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To: bugtraqat_private security-announceat_private announceat_private scoannmodat_private 


Do not reply to this mail. This security advisory is being sent from a
nonexistent address in order to avoid spam problems.  Caldera's
contact address for UNIX security issues is security-alertat_private


___________________________________________________________________________

	    Caldera International, Inc. Security Advisory

Subject:		OpenServer: various scoadmin/sysadm subprograms have buffer overflows
Advisory number: 	CSSA-2001-SCO.25
Issue date: 		2001 October 11
Cross reference:
___________________________________________________________________________


1. Problem Description
	
	Various programs that scoadmin and sysadmsh use have buffer
	overflows that could be used by a malicious user to gain
	privilege.


2. Vulnerable Versions

	Operating System	Version		Affected Files
	------------------------------------------------------------------
	OpenServer		<= 5.0.6a	/usr/lib/sysadm/atcronsh
						/usr/lib/sysadm/auditsh
						/usr/lib/sysadm/authsh
						/usr/lib/sysadm/backupsh
						/usr/lib/sysadm/lpsh
						/usr/lib/sysadm/sysadm.menu
						/usr/lib/sysadm/termsh


3. Workaround

	None.


4. OpenServer

  4.1 Location of Fixed Binaries

	ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.25/


  4.2 Verification

	md5 checksums:
	
	baf6e1a57f8a86803362a5cf798883aa	sysadm.tar.Z


	md5 is available for download from

		ftp://stage.caldera.com/pub/security/tools/


  4.3 Installing Fixed Binaries

	Upgrade the affected binaries with the following commands:

	( Note: if the sysadmsh subsystem is not installed, it is
	normal for some of the following mv commands to fail.)

	# uncompress /tmp/sysadm.tar.Z
	# for i in atcronsh auditsh authsh backupsh lpsh sysadm.menu termsh
	> do
	> mv /usr/lib/sysadm/$i /usr/lib/sysadm/${i}-
	> chmod 0 /usr/lib/sysadm/${i}-
	> done
	# cd /
	# tar xvf /tmp/sysadm.tar


5. References

	This and other advisories are located at
		http://stage.caldera.com/support/security

	This advisory addresses Caldera Security internal incidents
	sr849820, SCO-559-1295 and erg711790.

6. Disclaimer

	Caldera International, Inc. is not responsible for the misuse
	of any of the information we provide on our website and/or
	through our security advisories. Our advisories are a service
	to our customers intended to promote secure installation and
	use of Caldera International products.


7. Acknowledgements

	Caldera International wishes to thank KF <dotslashat_private>
        for discovering and reporting this problem.

	 
___________________________________________________________________________

application/pgp-signature attachment: stored

Next message: Ertan Kurt: "Re: Vulnerabilities in Ipswitch IMail Server 7.04"
Previous message: Murat Balaban: "Buffer Overflows Paper in Turkish."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Oct 11 2001 - 14:28:23 PDT