Security Update: [CSSA-2001-SCO.34] Open UNIX, UnixWare 7: xlock buffer overflow

From: securityat_private
Date: Fri Nov 16 2001 - 15:28:16 PST


    To: bugtraqat_private announceat_private scoannmodat_private
    
    ___________________________________________________________________________
    
    	    Caldera International, Inc. Security Advisory
    
    Subject:		Open UNIX, UnixWare 7: xlock buffer overflow
    Advisory number: 	CSSA-2001-SCO.34
    Issue date: 		2001 November 16
    ___________________________________________________________________________
    
    
    1. Problem Description
    	
    	The /usr/bin/X11/xlock program contains a buffer overflow. This
    	could be used by an unauthorized user to gain privilege.
    
    
    2. Vulnerable Versions
    
    	Operating System	Version		Affected Files
    	------------------------------------------------------------------
    	UnixWare 7		7.1.0, 7.1.1	/usr/bin/X11/xlock
    	Open UNIX		8.0.0		/usr/bin/X11/xlock
    
    
    3. Workaround
    
    	Remove the setuid bit from the binary:
    
    		chmod -s /usr/bin/X11/xlock
    
    
    4. UnixWare 7, Open UNIX 8
    
      4.1 Location of Fixed Binaries
    
    	ftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.34/
    
    
      4.2 Verification
    
    	md5 checksums:
    	
    	7220c59693f2db6312173259a37a6ba5	xcontrib_801.pkg
    
    
    	md5 is available for download from
    
    		ftp://stage.caldera.com/pub/security/tools/
    
    
      4.3 Installing Fixed Binaries
    
    	Download the xcontrib_801.pkg file to /usr/tmp.
    
    	This package is an upgrade install to UnixWare 7 xcontrib
    	package version 7.1.1 and Caldera OpenUNIX 8 version 8.0.0.
    	This version 8.0.1 contains all the components released with
    	any previous updates plus the bug fixes mentioned above.  To
    	verify the currently installed version of this package:
    
    		# pkginfo -x xcontrib
    
    	It is not necessary, nor recommended, to remove previous
    	versions of this package from the system before installing
    	this updated version.
    
    	To install this package, you may use the SCOadmin Application
    	Installer from the desktop, or as a root login with pkgadd:
    
    	# pkgadd -d /usr/tmp/xcontrib_801.pkg
    
    	NOTE: Do not use /tmp as the download directory. It could fail
    	with a 'No space' message during pkgadd.
    
    	The message
    
    		WARNING: UnixWare Update 7.x.x should be reapplied
    
    	can be safely ignored.  There are no files in the Update which
    	patch this package.
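    	The following audit helper is added here as an example and is not
    	part of the Caldera advisory. It turns sections 3, 4.2 and 4.3 into
    	checks an administrator can run on a host: whether xlock is still
    	setuid, whether the installed xcontrib predates the fixed 8.0.1
    	package, and whether a downloaded xcontrib_801.pkg matches the
    	advisory's md5. The xlock path, version and checksum come from the
    	advisory; the pkginfo -x output layout and the sample output are
    	assumptions.

```sh
#!/bin/sh
# Added audit helper, not part of the Caldera advisory. It turns sections 3,
# 4.2 and 4.3 into checks: is xlock still setuid, is the installed xcontrib
# older than the fixed 8.0.1 package, and does a downloaded xcontrib_801.pkg
# match the advisory's md5. The pkginfo -x output layout is an assumption.
XLOCK=/usr/bin/X11/xlock                  # affected file, section 2
FIXED_VERSION=8.0.1                       # fixed package version, section 4.3
PKG_MD5=7220c59693f2db6312173259a37a6ba5  # md5 of xcontrib_801.pkg, section 4.2
# 0 if FILE still carries the setuid bit the workaround removes, else 1
is_setuid() { [ -u "$1" ]; }
# Print the md5 of FILE with whichever tool the host has (md5sum, md5, openssl)
file_md5() {
    if command -v md5sum >/dev/null 2>&1; then md5sum "$1" | cut -d' ' -f1
    elif command -v md5 >/dev/null 2>&1; then md5 -q "$1"
    else openssl dgst -md5 "$1" | sed 's/.*= //'; fi
}

# 0 if FILE's md5 equals EXPECTED (case-insensitive), else 1
checksum_ok() {
    [ "$(file_md5 "$1" | tr 'A-F' 'a-f')" = "$(printf %s "$2" | tr 'A-F' 'a-f')" ]
}

# Dotted-version compare: 0 if $1 >= $2, else 1; missing components count as 0
version_ge() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        [ "${x:-0}" -gt "${y:-0}" ] && return 0
        [ "${x:-0}" -lt "${y:-0}" ] && return 1
        case $a in *.*) a=${a#*.};; *) a=;; esac
        case $b in *.*) b=${b#*.};; *) b=;; esac
    done
    return 0
}

# Version from "pkginfo -x xcontrib" output on stdin; assumed layout is
# "xcontrib  <description>" followed by "  (<arch>) <version>"
installed_version() { sed -n 's/.*([^)]*) *\([0-9][0-9.]*\).*/\1/p' | head -n 1; }
# Run all three checks on this host; one WARN line per finding
audit_host() {
    is_setuid "$XLOCK" && echo "WARN: $XLOCK is setuid; workaround not applied"
    v=$(pkginfo -x xcontrib 2>/dev/null | installed_version)
    version_ge "${v:-0}" "$FIXED_VERSION" ||
        echo "WARN: xcontrib ${v:-(not found)} is older than $FIXED_VERSION"
    [ -f /usr/tmp/xcontrib_801.pkg ] && ! checksum_ok /usr/tmp/xcontrib_801.pkg "$PKG_MD5" &&
        echo "WARN: /usr/tmp/xcontrib_801.pkg does not match the advisory md5"
    return 0
}
case "${1:-}" in --audit) audit_host ;; esac
```

    	Run the script with --audit on the affected host; without that
    	argument it only defines the functions so they can be sourced.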
    
    
    5. References
    
    	This and other advisories are located at
    		http://stage.caldera.com/support/security
    
    	This advisory addresses Caldera Security internal incidents
    	sr848020, fz518827, erg711744.
    
    
    6. Disclaimer
    
    	Caldera International, Inc. is not responsible for the misuse
    	of any of the information we provide on our website and/or
    	through our security advisories. Our advisories are a service
    	to our customers intended to promote secure installation and
    	use of Caldera International products.
    
    ___________________________________________________________________________
    
    