Re: recent SCO 5.0.x vulnerabilities

[jrm () FREEDOM SWC COM (Jon Mitchell)]

The following was stated by mikea () SCO COM:

> SCO is working on investigating and fixing the recent
> vulnerabilities reported here (namely the 19 buffer
> overflows, Xt and lpr exploits).  We will have a patch
> for OpenServer 5.0.5 in two weeks, which will be available
> from http://www.sco.com/security/.

I want to point out that it has been four weeks since this post and not a
single thing has changed on the URL above.  However, on the BUGTRAQ side
of things several more exploits for Openserver 5.0.5 have been posted as
well as a Unixware 7.1 exploit.  (Thank you Brock for all the work you've
done to help improve SCO's security)

Although there have been several posts by people knowledgeable about SCO
saying that work is being done, there are no new patches available on
their website.

I realize that fixing this many issues takes time, but since time is of
the essence in keeping systems secure, couldn't incremental fixes or
workarounds be released (ala hotfixes)?  Those of us who have to support
SCO systems would certainly appreciate it.  Four weeks really should be
enough time to at least post a message saying those people who do not need
to be using SCO Doctor or some other such Skunkware utility should
uninstall it until patches can be made.  Not all of us in support want to
wait six months for the next release supplement to fix problems critical
to our systems.

--
Jon Mitchell
Systems Engineer, Subject Wills and Company
jrm () swc com

-- These views are mine and should not be attributed to my employer --