Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Security Update: [CSSA-2003-021.0] OpenLinux: mgetty caller ID buffer overflow and spool perm vulnerabilities

From: security () sco com
Date: Tue, 13 May 2003 13:23:52 -0700
To: bugtraq () securityfocus com announce () lists caldera com security-alerts () linuxsecurity com


______________________________________________________________________________

                        SCO Security Advisory

Subject:                OpenLinux: mgetty caller ID buffer overflow and spool perm vulnerabilities
Advisory number:        CSSA-2003-021.0
Issue date:             2003 May 13
Cross reference:
______________________________________________________________________________


1. Problem Description

        mgetty will overflow an internal buffer if the caller name
        reported by the modem is too long.

        The faxspool spooling directory used for outgoing faxes was
        world-writable.


2. Vulnerable Supported Versions

        System                          Package
        ----------------------------------------------------------------------

        OpenLinux 3.1.1 Server          prior to mgetty-1.1.22_Aug17-13.i386.rpm

        OpenLinux 3.1.1 Workstation     prior to mgetty-1.1.22_Aug17-13.i386.rpm


3. Solution

        The proper solution is to install the latest packages. Many
        customers find it easier to use the Caldera System Updater, called
        cupdate (or kcupdate under the KDE environment), to update these
        packages rather than downloading and installing them by hand.


4. OpenLinux 3.1.1 Server

        4.1 Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-021.0/RPMS

        4.2 Packages

        be191369c6a4c96ea8bfacfc4e9842ac        mgetty-1.1.22_Aug17-13.i386.rpm

        4.3 Installation

        rpm -Fvh mgetty-1.1.22_Aug17-13.i386.rpm

        4.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-021.0/SRPMS

        4.5 Source Packages

        cff0b40ec866ac025898a0a8c629d29a        mgetty-1.1.22_Aug17-13.src.rpm


5. OpenLinux 3.1.1 Workstation

        5.1 Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-021.0/RPMS

        5.2 Packages

        ffe360af815ee57e3f55d29ebdfe8023        mgetty-1.1.22_Aug17-13.i386.rpm

        5.3 Installation

        rpm -Fvh mgetty-1.1.22_Aug17-13.i386.rpm

        5.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-021.0/SRPMS

        5.5 Source Packages

        eeea9f8538004266355c7ff6e2c649d9        mgetty-1.1.22_Aug17-13.src.rpm


6. References

        Specific references for this advisory:

                http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1391
                http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1392

        SCO security resources:

                http://www.sco.com/support/security/index.html

        This security fix closes SCO incidents sr876805, fz527691,
        erg712287.


7. Disclaimer

        SCO is not responsible for the misuse of any of the information
        we provide on this website and/or through our security
        advisories. Our advisories are a service to our customers intended
        to promote secure installation and use of SCO products.

______________________________________________________________________________

Attachment: _bin
Description:

Previous By Date Next
Previous By Thread Next

Current thread: