Bugtraq mailing list archives
SCO su patches
From: ah () SECURITYFOCUS COM (Alfred Huger)
Date: Sun, 28 Nov 1999 08:48:48 -0800
=========================================================================== SCO Security Bulletin 99.19 17th-November-1999 su Security Patch --------------------------------------------------------------------------- I. Description Several security holes were found in the "su" program along with the iaf library. II. Impact Without these patches, unauthorized users may gain privileges. III. Releases This SSE contains binaries for: UnixWare 2.1.3 UnixWare 7.0.0 through 7.1.1 IV. Solution SCO is providing an interim patch to address this issue in the form of a System Security Enhancement (SSE) package. SSE039 contains replacement binaries for each system type, and is available for Internet download via anonymous ftp, and from the SCOFORUM on Compuserve. You can download the SSE package as follows: Anonymous ftp (World Wide Web URL): ftp://ftp.sco.COM/SSE/sse039.ltr (cover letter, ASCII text) ftp://ftp.sco.COM/SSE/sse039.tar.Z (new binaries, compressed tar file) Compuserve: GO SCOFORUM, and search Library 11 (SLS/SSE Files) for these filenames: SSE039.LTR (cover letter, ASCII text) SSE039.TAZ (new binaries, compressed tar file) Checksums (sum -r): 01787 3 sse039.ltr 53627 555 sse039.tar.Z V. Updates This bulletin is available for anonymous ftp download from ftp://ftp.sco.COM/SSE/security_bulletins/SB-99.19a, and will be updated as new information becomes available. The latest information on security vulnerabilities and fixes from SCO is available on the world-wide web at http://www.sco.com/security/ VI. Further Information: If you have further questions, contact your support provider. If you need to contact SCO, please send electronic mail to support () sco COM, or contact SCO as follows. USA/Canada: 6am-5pm Pacific Time (PST/PDT) ----------- 1-800-347-4381 (voice) 1-408-427-5443 (fax) Pacific Rim, Asia, and Latin American customers: 6am-5pm Pacific ------------------------------------------------ Time (PST/PDT) 1-408-425-4726 (voice) 1-408-427-5443 (fax) Europe, Middle East, Africa: 9am-5:30pm UK Time (GMT/BST) ---------------------------- +44 (0)1923 816344 (voice) +44 (0)1923 817781 (fax)
Current thread:
- WordPad/riched20.dll buffer overflow Pauli Ojanpera (Nov 18)
- Re: WordPad/riched20.dll buffer overflow Bronek Kozicki (Nov 18)
- Re: WordPad/riched20.dll buffer overflow Gerardo Richarte (Nov 18)
- Re: WordPad/riched20.dll buffer overflow Gerardo Richarte (Nov 24)
- (no subject) Swen Persson (Nov 24)
- Re: WordPad/riched20.dll buffer overflow Gerardo Richarte (Nov 24)
- Re: WordPad/riched20.dll buffer overflow pedward () WEBCOM COM (Nov 26)
- Re: WordPad/riched20.dll buffer overflow Christopher Rhodes (Nov 26)
- Re: WordPad/riched20.dll buffer overflow Glynn Clements (Nov 27)
- SCO su patches Alfred Huger (Nov 28)
- Solaris7 dtmail/dtmailpr/mailtool Buffer Overflow UNYUN (Nov 29)
- Page table protection on Intel Jason Spence (Nov 26)
- SuSE Security Announcement - new security tools Marc Heuse (Nov 26)
- 3Com cable modems / Mediaone Signal 11 (Nov 27)
- Re: 3Com cable modems / Mediaone Joseph W. Breu (Nov 29)
- NTmail and VRFY George (Nov 30)
- Netscape Communicator 4.7 - Navigator Overflows Mike Boto (Nov 27)
- Re: WordPad/riched20.dll buffer overflow Crispin Cowan (Nov 27)
- Re: WordPad/riched20.dll buffer overflow Solar Designer (Nov 29)
- Re: WordPad/riched20.dll buffer overflow Casper Dik (Nov 30)