Full Disclosure mailing list archives
SCO Linux 4.0 : The docview package allows anonymous remote users to view any publicly readable files on a SCO Linux 4.0 system.
From: security () sco com
Date: Tue, 26 Aug 2003 10:07:45 -0700
To: bugtraq () securityfocus com announce () lists caldera com full-disclosure () lists netsys com security-alerts ()
linuxsecurity com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
______________________________________________________________________________
SCO Security Advisory
Subject: SCO Linux 4.0 : The docview package allows anonymous remote users to view any publicly readable
files on a SCO Linux 4.0 system.
Advisory number: CSSA-2003-022.0
Issue date: 2003 August 25
Cross reference:
______________________________________________________________________________
1. Problem Description
Docview provides the SCO Linux System Administration Guide,
available in browser HTML format.
Due to a misconfiguration of the apache server, anonymous
remote users are able to craft a URL in such a way as to
view any publicly readable file.
The Common Vulnerabilities and Exposures (CVE) project has assigned
the name CAN-2003-0658 to this issue. This is a candidate for
inclusion in the CVE list (http://cve.mitre.org), which standardizes
names for security problems.
2. Vulnerable Supported Versions
System Files
----------------------------------------------------------------------
SCO Linux 4.0 /usr/lib/docview/conf/rewrite.conf
3. Solution
The proper solution is to install the latest packages.
4. SCO Linux 4.0
4.1 Location of Fixed Binaries
The RPMs are only available via the SCO Linux Update Service.
For details on how to register for the SCO Linux Update Service
please see the Certificate of License and Authenticity (COLA)
that came with your SCO Linux 4.0 product or go to:
http://www.sco.com/support/registration/
The for all SCO Linux RPMs are available free of charge to download from:
ftp://ftp.sco.com/pub/scolinux/server/4.0/updates/SRPMS/
4.2 Verification
MD5 (docview-1.1-18.i386.rpm) = 4e1eec1e251241dd42e1eaee7f47999c
md5 is available for download from
ftp://ftp.sco.com/pub/security/tools
4.3 Installing Fixed Binaries
Upgrade the affected binaries with the following sequence:
TO INSTALL/UPGRADE RPM:
You can install/upgrade the RPM using the SCO Linux Update Service as follows:
apt-get update
apt-get install scolinux
TO DOWNLOAD RPM:
If you wish to download the RPM (without installing it onto your system), you
can do so using the SCO Linux Update Service as follows:
apt-get update
apt-get -d install scolinux
The downloaded RPMs will be stored at:
/var/cache/apt/archives/
on your local machine.
5. References
Specific references for this advisory: none
SCO security resources:
http://www.sco.com/support/security/index.html
This security fix closes SCO incidents CAN-2003-0658 sr882973
fz528170 erg712387.
6. Disclaimer
SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers
intended to promote secure installation and use of SCO
products.
7. Acknowledgments
SCO would like to thank Milos Krmesk for discovery of this
vulnerability.
______________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (SCO_SV)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAj9KgEAACgkQaqoBO7ipriGRXQCfZ57gvEtM3HeKwFfg5avDt6aT
Y1cAoJBbm+rM/THBC5RHgbkETF9ApxU9
=AwRl
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- SCO Linux 4.0 : The docview package allows anonymous remote users to view any publicly readable files on a SCO Linux 4.0 system. security (Aug 26)