Bugtraq mailing list archives

Security Update: [CSSA-2001-SCO.28] Open UNIX, UnixWare 7: rpc.ttdbserverd format string vulnerability

From: sco-security () caldera com
Date: Tue, 16 Oct 2001 16:15:06 -0700

To: bugtraq () securityfocus com security-announce () lists securityportal com announce () lists caldera com scoannmod 
() xenitec on ca


Do not reply to this mail. This security advisory is being sent from a
nonexistent address in order to avoid spam problems.  Caldera's
contact address for UNIX security issues is security-alert () caldera com.


___________________________________________________________________________

            Caldera International, Inc. Security Advisory

Subject:                Open UNIX, UnixWare 7: rpc.ttdbserverd format string vulnerability
Advisory number:        CSSA-2001-SCO.28
Issue date:             2001 October 16
Cross reference:
___________________________________________________________________________


1. Problem Description
        
        The rpc.ttdbserverd command is vulnerable to a format string
        attack.  This could be used by an unauthorized user to gain
        privilege.


2. Vulnerable Versions

        Operating System        Version         Affected Files
        ------------------------------------------------------------------
        UnixWare 7              All             /usr/dt/bin/rpc.ttdbserverd
        Open UNIX               8.0.0           /usr/dt/bin/rpc.ttdbserverd


3. Workaround

        None.


4. UnixWare 7, Open UNIX 8

  4.1 Location of Fixed Binaries

        ftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.28/


  4.2 Verification

        md5 checksums:
        
        b15a904dd742eb1263429b00fb1a1c20        erg711831.Z


        md5 is available for download from

                ftp://stage.caldera.com/pub/security/tools/


  4.3 Installing Fixed Binaries

        Upgrade the affected binaries with the following commands:

        # uncompress /tmp/erg711831.Z
        # pkgadd -d /tmp/erg711831


5. References

        http://www.securityfocus.com/archive/1/217901
        http://www.securityfocus.com/advisories/3583

        This and other advisories are located at
                http://stage.caldera.com/support/security

        This advisory addresses Caldera Security internal incidents
        sr851392, fz518746 and erg711831.


6. Disclaimer

        Caldera International, Inc. is not responsible for the misuse
        of any of the information we provide on our website and/or
        through our security advisories. Our advisories are a service
        to our customers intended to promote secure installation and
        use of Caldera International products.


7. Acknowledgements

        This vulnerability was discovered and researched by Mark Dowd
        of the ISS X-Force.

         
___________________________________________________________________________

Attachment: _bin
Description:

Current thread:

Security Update: [CSSA-2001-SCO.28] Open UNIX, UnixWare 7: rpc.ttdbserverd format string vulnerability sco-security (Oct 16)