Bugtraq mailing list archives
SCO Security patches (for land, winnuke)
From: ernst () PEM COM (Ernesto Baschny)
Date: Fri, 27 Feb 1998 16:50:22 +0100
From ftp://ftp.sco.com/SSE/sse010.ltr:
------------------------------------------------------------------------- System Security Enhancement (SSE) 010 - 24th February 1998 Problem: Many denial of service attacks against Internet-connected sites have been reported recently - exploit programs are widely available. SCO systems targeted by some of these attacks ("land" and "winnuke") may crash or hang. The enclosed patch should be applied as soon as possible. Patch: A replacement TCP driver is supplied for each of the following SCO operating systems: - SCO Open Desktop/Open Server Release 3.0 - SCO CMW+ 3.0 - SCO OpenServer Release 5.0 - SCO UnixWare 2.1 Note that if SLS OSS468 (for OpenServer 5.0.0 and 5.0.2) or SLS OSS469 (for OpenServer 5.0.4) has been installed, this patch should NOT be installed - OSS468 and OSS469 include this fix, and installing this patch after OSS468 or OSS469 will nullify other fixes contained in the SLS. At the time of writing, OSS468 and OSS469 are not yet available, so this patch should be installed in the meantime - OSS468 and OSS469 can still be safely installed after this patch. Prerequisites: All updates listed in this section are available for download from the SCO ftp site: ftp.sco.com . On OpenServer 5.0.0, the following updates MUST be installed prior to this patch: - RS500D (Release Supplement) - NET100 (Networking Supplement) - OSS449F (Network Maintenance Supplement) On OpenServer 5.0.2, the following updates MUST be installed prior to this patch: - OSS449F (Network Maintenance Supplement) On OpenServer 5.0.4, the following updates MUST be installed prior to this patch: - RS504C (Release Supplement) On UnixWare 2.1.0, the following updates MUST be installed prior to this patch: - UPD211 (SCO UnixWare 2.1.1 Update) - PTF3280L (Network Maintenance Supplement) On UnixWare 2.1.1 and 2.1.2, the following updates MUST be installed prior to this patch: - PTF3280L (Network Maintenance Supplement) Installation: Perform the following steps logged in as root: 1. Create a temporary directory, and copy SSE010 into it: # mkdir /tmp/sse010 # cp sse010.tar.Z /tmp/sse010 2. uncompress the tar file: # cd /tmp/sse010 # uncompress sse010.tar.Z 3. extract the files from the tar file: # tar xvf sse010.tar 4. Replace your existing TCP driver with the updated driver, and relink the kernel: - For SCO Open Desktop/Open Server 3.0: # cd /etc/conf/pack.d/tcp # mv Driver.o Driver.o.old (saves existing driver) # mv /tmp/sse010/Driver.o.odt3 Driver.o # /etc/conf/cf.d/link_unix Reply 'y' to the prompts for the new kernel to boot by default, and to rebuild the kernel environment. - For SCO CMW+ 3.0: # cd /etc/conf/pack.d/tcp # mv Driver.o Driver.o.old (saves existing driver) # mv /tmp/sse010/Driver.o.cmw3 Driver.o # /etc/conf/cf.d/link_unix Reply 'y' to the prompts for the new kernel to boot by default, and to rebuild the kernel environment. - For SCO OpenServer 5.0: # cd /usr/lib/tcprt/ID/tcp # mv Driver.o Driver.o.old (saves existing driver) # mv /tmp/sse010/Driver.o.osr5 Driver.o # cp Driver.o /etc/conf/pack.d/tcp (important!) # /etc/conf/cf.d/link_unix Reply 'y' to the prompts for the new kernel to boot by default, and to rebuild the kernel environment. (Note that for OpenServer 5.0, installation of the new driver will cause "custom" to display an error in future when the "Verify" command is chosen - be sure not to specify that this error be fixed, as it will cause the new driver to be overwritten by the old one.) - For SCO UnixWare 2.1: # cd /etc/conf/pack.d/tcp # mv Driver_atup.o Driver_atup.o.old # mv Driver_mp.o Driver_mp.o.old (saves existing drivers) # mv /tmp/sse010/Driver_atup.o . # mv /tmp/sse010/Driver_mp.o . # /etc/conf/idbuild -B 5. Shut down and reboot your system. (On UnixWare 2.1, be sure to use the "shutdown" command, as it is this which installs the relinked kernel.) Disclaimer: SCO believes that this patch addresses the reported vulnerability. However, in order that it be released as soon as possible, this patch has not been fully tested or packaged to SCO's normal exacting standards. For that reason, this patch is not officially supported. Official supported and packaged fixes for current SCO products will be available in due course. ------------------------------------------------------------------------- -- Ernesto Baschny Stuttgart - Germany ernst () studbox uni-stuttgart de Uni-Stuttgart, Informatik ernst () pem com PEM GmbH - SCO Premier Partner
Current thread:
- Q2-wrapper make Quake2 behave Dave (Feb 25)
- Re: Q2-wrapper make Quake2 behave Dave (Feb 25)
- OpenBSD Security Advisory: mmap() Problem tqbf () secnet com (Feb 26)
- SCO Security patches (for land, winnuke) Ernesto Baschny (Feb 27)