Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Security Update: [CSSA-2003-006.0] Linux: CVS double free vulnerability

From: security () caldera com
Date: Fri, 31 Jan 2003 11:15:44 -0800
To: bugtraq () securityfocus com announce () lists caldera com security-alerts () linuxsecurity com full-disclosure () 
lists netsys com

______________________________________________________________________________

                        SCO Security Advisory

Subject:                Linux: CVS double free vulnerability
Advisory number:        CSSA-2003-006.0
Issue date:             2003 January 31
Cross reference:
______________________________________________________________________________


1. Problem Description

        Double-free vulnerabiity in CVS allows remote attackers to cause
        a denial of service and possibly execute arbitrary code via a
        malformed Directory request.


2. Vulnerable Supported Versions

        System                          Package
        ----------------------------------------------------------------------

        OpenLinux 3.1.1 Server          prior to cvs-1.11-9.i386.rpm
                                        prior to cvs-doc-ps-1.11-9.i386.rpm

        OpenLinux 3.1.1 Workstation     prior to cvs-1.11-9.i386.rpm
                                        prior to cvs-doc-ps-1.11-9.i386.rpm

        OpenLinux 3.1 Server            prior to cvs-1.11-9.i386.rpm
                                        prior to cvs-doc-ps-1.11-9.i386.rpm

        OpenLinux 3.1 Workstation       prior to cvs-1.11-9.i386.rpm
                                        prior to cvs-doc-ps-1.11-9.i386.rpm


3. Solution

        The proper solution is to install the latest packages. Many
        customers find it easier to use the Caldera System Updater, called
        cupdate (or kcupdate under the KDE environment), to update these
        packages rather than downloading and installing them by hand.


4. OpenLinux 3.1.1 Server

        4.1 Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-006.0/RPMS

        4.2 Packages

        e7a31e41a320f2397d23611600675d6e        cvs-1.11-9.i386.rpm
        676963b0422d0cd95397de77a3b927d1        cvs-doc-ps-1.11-9.i386.rpm

        4.3 Installation

        rpm -Fvh cvs-1.11-9.i386.rpm
        rpm -Fvh cvs-doc-ps-1.11-9.i386.rpm

        4.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-006.0/SRPMS

        4.5 Source Packages

        da4062b0b49efcabb47c7efb41dc5471        cvs-1.11-9.src.rpm


5. OpenLinux 3.1.1 Workstation

        5.1 Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-006.0/RPMS

        5.2 Packages

        73dee39f6543079466e6d7adbac35ec6        cvs-1.11-9.i386.rpm
        129403e58ca353878b09fbbbaaccf645        cvs-doc-ps-1.11-9.i386.rpm

        5.3 Installation

        rpm -Fvh cvs-1.11-9.i386.rpm
        rpm -Fvh cvs-doc-ps-1.11-9.i386.rpm

        5.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-006.0/SRPMS

        5.5 Source Packages

        9030ced613dc9919f78a3200ea931fdc        cvs-1.11-9.src.rpm


6. OpenLinux 3.1 Server

        6.1 Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2003-006.0/RPMS

        6.2 Packages

        3b3748a8bca4a972c422f43ff7745337        cvs-1.11-9.i386.rpm
        04760b87b35c2a0f72cc41ed9565b47d        cvs-doc-ps-1.11-9.i386.rpm

        6.3 Installation

        rpm -Fvh cvs-1.11-9.i386.rpm
        rpm -Fvh cvs-doc-ps-1.11-9.i386.rpm

        6.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2003-006.0/SRPMS

        6.5 Source Packages

        6d87ab953cd4864fe319085b3d2517db        cvs-1.11-9.src.rpm


7. OpenLinux 3.1 Workstation

        7.1 Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2003-006.0/RPMS

        7.2 Packages

        0aa2347beb3bf9e5219dfce2eedb26d8        cvs-1.11-9.i386.rpm
        a646b53a8436c880b4752566223e7156        cvs-doc-ps-1.11-9.i386.rpm

        7.3 Installation

        rpm -Fvh cvs-1.11-9.i386.rpm
        rpm -Fvh cvs-doc-ps-1.11-9.i386.rpm

        7.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2003-006.0/SRPMS

        7.5 Source Packages

        6e2cf8a3b250a1373846f4d35ea958ad        cvs-1.11-9.src.rpm


8. References

        Specific references for this advisory:

                http://security.e-matters.de/advisories/012003.html
                http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0015

        SCO security resources:

                http://www.sco.com/support/security/index.html

        This security fix closes SCO incidents sr873732, fz527185,
        erg712206.


9. Disclaimer

        SCO is not responsible for the misuse of any of the information
        we provide on this website and/or through our security
        advisories. Our advisories are a service to our customers intended
        to promote secure installation and use of SCO products.


10. Acknowledgements

        Stefan Esser <s.esser () e-matters de> discovered and researched
        these vulnerabilities.

______________________________________________________________________________

Attachment: _bin
Description:

Previous By Date Next
Previous By Thread Next

Current thread: