Security Update: [CSSA-2001-SCO.39] Open UNIX, UnixWare 7: timed does not enforce nulls

From: securityat_private
Date: Mon Dec 10 2001 - 17:42:10 PST

  • Next message: Paul Starzetz: "Re: Crashing X" 

    To: bugtraqat_private announceat_private scoannmodat_private

___________________________________________________________________________

	    Caldera International, Inc. Security Advisory

Subject:		Open UNIX, UnixWare 7: timed does not enforce nulls
Advisory number: 	CSSA-2001-SCO.39
Issue date: 		2001 December 10
Cross reference:
___________________________________________________________________________


1. Problem Description
	
	The timed program does not enforce null-termination of strings
	in certain situations. It is possible that this could be used
	by a malicious user to perform a remote denial-of-service
	attack.


2. Vulnerable Versions

	Operating System	Version		Affected Files
	------------------------------------------------------------------
	UnixWare 7		All		/usr/sbin/in.timed
	Open UNIX		8.0.0		/usr/sbin/in.timed


3. Workaround

	If the in.timed service is not needed, it may be disabled.


4. UnixWare 7, Open UNIX 8

  4.1 Location of Fixed Binaries

	ftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.39/


  4.2 Verification

	md5 checksums:
	
	87c68b618f4317dd92460aaa49e6a522	erg711890.Z


	md5 is available for download from

		ftp://stage.caldera.com/pub/security/tools/


  4.3 Installing Fixed Binaries

	Upgrade the affected binaries with the following commands:

	# uncompress /tmp/erg711890.Z
	# pkgadd -d /tmp/erg711890


5. References

	http://xforce.iss.net/static/6228.php
	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0388

	This and other advisories are located at
		http://stage.caldera.com/support/security

	This advisory addresses Caldera Security internal incidents
	sr855196, fz519311, erg711890.


6. Disclaimer

	Caldera International, Inc. is not responsible for the misuse
	of any of the information we provide on our website and/or
	through our security advisories. Our advisories are a service
	to our customers intended to promote secure installation and
	use of Caldera International products.


7. Acknowledgements

	This vulnerability was discovered and researched by David A.
	Holland <dhollandat_private>.
     

	 
___________________________________________________________________________

    This archive was generated by hypermail 2b30 : Tue Dec 11 2001 - 13:16:56 PST